09/24/2008, 3:45pm, EDT
Wednesday, September 24th
Circulating Trojan file targets iPhone followers
A Trojan attack in circulation is exploiting interest in the iPhone, say researchers with Panda Security. The company identifies the malware as Banker.LKCTrojan, an app which masquerades as a video of the iPhone. The associated file -- named "VideoPhone[1]_exe" -- specifically operates through a technique called pharming, in which DNS information is sabotaged to redirect a person to a malicious website.
Once run, the Banker malware conceals its activities by opening a browser window, and displaying a page selling iPhones. In reality Banker is modifying the host file of a victim's computer, switching the IP addresses associated with bank domain names, so they instead point to a spoof site. Here a person is prompted to share information such as account numbers and passwords, enabling easy identity theft.
The primary defense against Banker is said to be antivirus software, as this may prevent the malware from altering host files. Detecting infection is said to be fairly simple, as spoof sites will often have misspelled URLs, and lack security certificates by companies such as Verisign.
Filed under: iPhone, security, networking
,
, 7
,
,
,
,
,
,

subscribe to comments
for this article
exe?
Although the article is conspicuously silent on the subject, I'm guessing that the "exe" bit means this is a Windows problem? Add this to the list of trojans that I don't have to care about. Am I in the wrong place or is this still MAC-NN?
um, no....
The primary defense against Banker is said to be antivirus software,
Gee, and I would think the primary defense would be not to play a 'video' file posing as an application.
Clarification
Just to clarify, this article is all about malware that runs under Microsoft Windows, and will be typically downloaded by a Windows user using Internet Explorer, and explicitly executed by the user.
The technology involved here has zero to do with the iPhone, the Macintosh, or Apple computer.
Panda site
Strangely, the Panda link above doesn't have any searchable reference to the details of this trojan, nor does a google search for banker.lkctrojan.
So, what the heck?!
so was there a MacNN...
...article, back in the day, that said: "Circulating 'I Love You' file targets Hopeless Romantics"...?
People would be pretty...
hard up to watch that video. There must be hundreds of iPhone videos on youtube. I guess a file like this could catch some naive users. How does it get on a person's computer? Through mail delivery or something?
I can just imagine how SkyMarket and Android Store will be inflicted with this kind of stuff without anyone screening uploaded apps. Sounds scary to me.
Ummm....
Yeah....Panda Security....nuff said.
On a related note.....
How are all you Windows Users enjoying the latest "AntiVirus 2008" or the "AntiVirus 2009" that has been floating around?