Trojan Exploits Users Interest in the iPhonePanda Security, a leading IT security solutions vendor, announced on September 24, 2008 that PandaLabs, a laboratory for spotting and assessing malware of Panda Security, has detected Banker.LKCTrojan, a Trojan that disguises as a video of the iPhone. This Trojan, according to PandaLabs, is currently the focus of a new series of pharming attacks launched to infect end-users with malware, as reported by MarketWatch on September 24, 2008. Relatively more advanced form of phishing, 'pharming' targets iPhone fans directly and is involved in manipulating the DNS (Domain Name Server) through the TCP/IP protocol settings or the configuration of host file. Normally, DNSs store the IP address or numeric address, for e.g. 72.1.62.137, associated with every domain name or the URL like www.iphoneworld.ca. Thus, due to cyber-criminals interference, the server diverts the user to a different IP address that hosts a malicious Web page, appearing to look like the actual page. In the current case, the Banker.LKCTrojan helps in the DNS manipulation. The malware reaches systems as an executable file named VideoPhone[1]_exe. Once executed, the Banker Trojan hides its activities by displaying a browser box and showing a page that sells iPhones. In reality, Banker modifies the victim computer's host file by changing the IP addresses of the bank domains to lead him to a fraudulent site. Here the victim is encouraged to provide personal information like passwords and account numbers to enable identity theft. Nevertheless, the manipulation of the host file does not lead to any suspicious impact on the victim PC. In fact, the fraud takes place without arousing the user's suspicion, as the user could turn a victim simply by entering the bank's address, making the blow even more perilous. The chief defense against Banker is believed to be suitable anti-virus software that would stop the Trojan from modifying host files. Moreover, it is fairly simple to detect the infection, as hoax sites would often contain misspelled URLs, and not have security certificates from companies like VeriSign. Related article: Trojans to Target VoIP in 2006 » SPAMfighter News - 04-10-2008
Share and tell your friends!
| All SPAMfighter products offer a free trial!
SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail, Windows Live Mail and Thunderbird.
Optimize your Slow PC for better performance. Try FREE scan now
SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial.
Remove Spyware with SPYWAREfighter - Free 30 days trial
Antivirus software for your Windows PC - Free 30 days trial | ||||||||||||||||||||||||||||
| <<< | >>> | ||||||||||||||||||||||||||||
SPAMfighter is
