Circulating Trojan file targets iPhone followers
updated 03:45 pm EDT, Wed September 24, 2008
Trojan targets iPhone fans
A Trojan attack in circulation is exploiting interest in the iPhone, say researchers with Panda Security. The company identifies the malware as Banker.LKCTrojan, an app which masquerades as a video of the iPhone. The associated file -- named "VideoPhone[1]_exe" -- specifically operates through a technique called pharming, in which DNS information is sabotaged to redirect a person to a malicious website.
Once run, the Banker malware conceals its activities by opening a browser window, and displaying a page selling iPhones. In reality Banker is modifying the host file of a victim's computer, switching the IP addresses associated with bank domain names, so they instead point to a spoof site. Here a person is prompted to share information such as account numbers and passwords, enabling easy identity theft.
The primary defense against Banker is said to be antivirus software, as this may prevent the malware from altering host files. Detecting infection is said to be fairly simple, as spoof sites will often have misspelled URLs, and lack security certificates by companies such as Verisign.
Grizzled Veteran
Joined: Oct 1999
exe?
Although the article is conspicuously silent on the subject, I'm guessing that the "exe" bit means this is a Windows problem? Add this to the list of trojans that I don't have to care about. Am I in the wrong place or is this still MAC-NN?