Panda Security detects malicious trojan used for iPhone 'pharming attacks'
TweetFollow Us on Twitter

Panda Security detects malicious trojan used for iPhone 'pharming attacks'

The aim of these pharming attacks is to steal confidential user information. The malicious payload of the Trojan can result in users being redirected to fraudulent web pages when they try to access their online bank. Victims of this attack could find that their bank details end up in
the hands of cyber-crooks, say the folks at Panda.

Pharming is a sophisticated version of phishing. It involves manipulating the DNS (Domain Name Server) through the configuration of the TCP/IP protocol or the host file. The DNS servers store the numeric address or IP address (e.g. 62.14.63.187.) associated to each domain name or URL (e.g. www. mibanco.com). The result of the cyber-criminals' interference is that when a user enters the name of a web page, the server redirects him to another number, i.e. another IP address hosting a fraudulent web page, designed to have the appearance of the original page.

In this case, the Banker.LKCTrojan is responsible for the manipulation of the DNS. This malicious code reaches systems under the name "VideoPhone[1]_exe". Once it's run, and in order to trick users, it opens a browser window (shown below) displaying a web site selling the iPhone.

image

While users are viewing this page, the Trojan modifies the host's file redirecting URLs of banks and other companies to a false web page. This way, users trying to access these banks by typing in the address or accessing them from an Internet search will be redirected to the spoof page. Here they will be asked for confidential details (account number, transaction password, etc.) which will be falling straight into the hands of cyber-crooks.

The manipulation of the host's file doesn't cause any other suspicious effect on the computer. In fact, the entire fraud is carried out without arousing the suspicion of users, as all they need to do to become a victim is enter the address of the bank. This makes the attack even more dangerous.
Luis Corrons, technical director of PandaLabs, says here's how to protect yourself against pharming:

° When you connect to a page on which confidential details are requested make sure that the URL is the same as the one you typed and that there are no additional letters or numbers, etc.

° Check the security certificate of the sites you visit. Any reliable e-commerce business will have security certification for its servers issued by a recognized security authority. There are several certification authorities, although Verisign is the most widely recognized.

° Make sure you have effective, up-to-date antivirus protection, because, as is the case here, the DNS modification is often carried out with malicious code.

"Macsimum News" is a proud supporter of Planet Gumbo, which feeds the hungry. We urge you to help them in their efforts.

 
AAPL
$493.17
Apple Inc.
+0.00
GOOG
$611.46
Google Inc.
+0.00
MSFT
$30.77
Microsoft Corpora
+0.00
MacNews Search:
Community Search:
See All

Decide Where To Eat With Hngry
On Twitter, it’s a dilemma that would be referred to as a ‘first world problem’ but it is sometimes difficult to decide which restaurant to go to for a meal. So many choices are out there and when it’s a decision that has to be made between many friends, things can get tricky. Enter Hngry, an app that may lack an ‘u’ but certainly doesn’t lack... | Read more »
Writing Kit Review
Writing Kit Review By Carter Dotson on February 10th, 2012 Our Rating: :: VALUABLE TOOLUniversal App - Designed for iPhone and iPad Writing Kit is a text editor that focuses on writing and editing text in markdown format.   | Read more »
Ragdoll Blaster 3 Review
Ragdoll Blaster 3 Review By Carter Dotson on February 9th, 2012 Our Rating: :: A BLASTiPhone App - Designed for the iPhone, compatible with the iPad Ragdoll Blaster 3 is the newest, most colorful entry in the Ragdoll Blaster franchise from Backflip Studios.   | Read more »
Call of Cthulhu: The Wasted Land Review
Call of Cthulhu: The Wasted Land Review By Rob Thomas on February 9th, 2012 Our Rating: :: ANSWER THE CALLUniversal App - Designed for iPhone and iPad Battle foul cultists and star-spawned evils amid the gas-soaked trenches of World War I in this turn-based strategy game, courtesy of Red Wasp Design.   | Read more »
Tweetbot for iPad Review
Tweetbot for iPad Review By Carter Dotson on February 9th, 2012 Our Rating: :: WELL-BUILT MACHINEiPad Only App - Designed for the iPad Tweetbot for iPad is a Twitter client, created by design-conscious iOS developer Tapbots.   | Read more »
Tic Tac Viewr is a Minty Fresh Augmented...
Smartphones are changing how we see the world. With the cameras on them becoming more and more powerful, phones are now able to see our reality and present it back to us in an augmented form. It may ultimately just be an advertisement for their “Shake it Up” campaign, but Tic Tac mints’ new Tic Tic Viewr app still shows off how novel augmented... | Read more »
Huntville Review
Huntville Review By Kevin Stout on February 9th, 2012 Our Rating: :: GREAT MULTIPLAYERiPad Only App - Designed for the iPad While Huntville may not be the most enjoyable game, it has some awesome features that can’t be overlooked.   | Read more »
The 60beat GamePad Adds Support for More...
One of the concerns with 60beat’s GamePad has been whether the device would see enough support from developers to make it worthwhile. As promised by 60beat back when it was announced, February has rolled around and some titles are beginning to support the 60beat. | Read more »
Unstoppable Gorg Review
Unstoppable Gorg Review By Kevin Stout on February 9th, 2012 Our Rating: :: UNFORGETTABLEiPad Only App - Designed for the iPad Unstoppable Gorg is an unforgettable tower defense for the iPad with a 50s sci-fi theme and some incredibly unique gameplay elements.   | Read more »
Pirates of Black Cove: Sink ‘Em All Will...
Nitro Games have announced an iOS spinoff of their pirate-themed PC game Pirates of Black Cove, Sink ‘Em All – and they have an entertaining trailer to go along with it. This will take the ship combat gameplay of the PC version and make it the featured element, essentially a naval isometric shooter with cannons to fire, and booty to plunder. Well... | Read more »
See All
All contents are Copyright 1984-2010 by Xplain Corporation. All rights reserved. Theme designed by Icreon.