iPhone bait in malware attack

Stephen Withers
Monday, 02 July 2007 12:45

Your IT - Mobility

Spam messages claiming the recipient has won an iPhone are being used to attract victims to a web site that tries to install a rootkit and spambot malware by exploiting ten ActiveX vulnerabilities.

According to Secure Computing, the original message states "Congratulations, you have won a new iPhone from our store!"

A variety of tricks have been used to make life harder for security  researchers, including tracking visits and then redirecting returning visitors to a clean page.

"Because of the popularity of the iPhone brand this is the first in what’s bound to be a series of scams involving the iPhone," said Paul Henry, vice president of technology evangelism at Secure Computing.

"This threat is particularly insidious in that scripts within the HTML code returned to the user contain exploit code for multiple vulnerabilities to improve the malicious hacker's chances of gaining the necessary access to install the rootkit/spam bot malware."

Other security companies have detected various iPhone-related spams. On June 29, Sophos reported a campaign offering $600 towards an iPhone in exchange for completing a survey. "I wonder how long it will take before we see e-mail luring people to a malicious website by offering free iPhones?" pondered 'Dimitry' of SophosLabs Canada.

The answer turned out to be "Not very."