Circulating Trojan file targets iPhone followers

View this article at: http://www.macnn.com/articles/08/09/24/trojan.targets.iphone.fans/

Wednesday, Sep 24, 2008 3:45pm

Circulating Trojan file targets iPhone followers

A Trojan attack in circulation is exploiting interest in the iPhone, say researchers with Panda Security. The company identifies the malware as Banker.LKCTrojan, an app which masquerades as a video of the iPhone. The associated file -- named "VideoPhone[1]_exe" -- specifically operates through a technique called pharming, in which DNS information is sabotaged to redirect a person to a malicious website.

Once run, the Banker malware conceals its activities by opening a browser window, and displaying a page selling iPhones. In reality Banker is modifying the host file of a victim's computer, switching the IP addresses associated with bank domain names, so they instead point to a spoof site. Here a person is prompted to share information such as account numbers and passwords, enabling easy identity theft.

The primary defense against Banker is said to be antivirus software, as this may prevent the malware from altering host files. Detecting infection is said to be fairly simple, as spoof sites will often have misspelled URLs, and lack security certificates by companies such as Verisign.