Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan Ayfone.a - New Iphone Based Phishing Attack


  • Please log in to reply
No replies to this topic

#1 harrywaldron

harrywaldron

    Security Reporter


  • Members
  • 509 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Roanoke, Virginia
  • Local time:06:18 AM

Posted 02 July 2007 - 11:09 AM

Trojan AyFone.A - New iPhone based Phishing attack

A new social engineering scheme has surfaced, which tries to convince folks they can save $100 by ordering the new iPhone online. This new attack is well crafted and even appears to spoof Apple's true e-commerce web site address. Users can become infected by visiting malicious websites which can automatically download and install the trojan horse, if IE security controls have been lowered. Users should always be aware of scammers, as there are no free lunches in most things offered to us via the Internet.

Trojan AyFone.A - New iPhone based Phishing attack
http://blogs.zdnet.com/hardware/?p=574

QUOTE: scammers are using the iPhone to try to steal money from unwitting customers looking to get their hands on the new Apple cellphone. This morning, Sunbelt researchers discovered a new custom Trojan that attempts to steal money by selling a fake iPhone. This Trojan looks custom-built and has very poor coverage by AV vendors


McAfee: Phish-BuyPhony
http://secunia.com/virus_information/39773/phish-buyphony/
http://vil.nai.com/vil/content/v_142599.htm

QUOTE: Phish-BuyPhony is a Internet Explorer Browser Helper Object (BHO) maliciously designed to hijack well known websites to steal money by masquerading Apple's iPhone on-line shop. When successful, the victim is brought to a fake site where payment is made to the crooks via Western Union or MoneyGram.


McAfee Protection: DAT 5605 provides detection for this new threat

Trend: Trojan AyFone.A Information
http://secunia.com/virus_information/39768/trojayfone.a/
http://www.trendmicro.com/vinfo/virusencyc...2EA&VSect=T

Trend: Trojan AyFone.A - Behavioral Diagram of Attack Process
http://www.trendmicro.com/vinfo/images/TROJ_AYFONE_A_BD4.gif

QUOTE: This Trojan arrives bundled with malware packages as a malware component. It can also be downloaded by a user when visiting malicious Web sites. It registers itself as a Browser Helper Object (BHO) to ensure its automatic execution every time Internet Explorer is run. It opens a popup window every time Internet Explorer is pointed to the popular Web sites www.yahoo.com and www.google.com. This popup window displays the following advertisement about the Apple iPhone.



BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users