• United States



by Dave Gradijan

New Botnet Targets iPhone Buyers

Jul 17, 20071 min
CSO and CISOData and Information Security

Apparently enough people are buying iPhones online that cybercriminals want in on the action.

A new botnet has emerged this week that presents infected PC users with a phony webpage selling iPhones, then steals any financial or personal information entered into the page.

The botnet, or army of PCs infected by the same malware that controls them without the user knowing it, is orchestrated by a Trojan called Aifone.A, according to PandaLabs, the threat-analysis division of security company Panda Software.

When the user of an infected PC goes to Apple’s official iPhone webpage to purchase the product, the malware instead displays a phony page designed to look like the authentic one, they say. Any information entered in the phony page is captured by the botnet controller.

PandaLabs says this botnet is sophisticated enough to divert search results for the iPhone to the phony site, and can even display pop-ups and banners to send users to the spoofed website.

The company says there are currently 7,500 zombies, or compromised PCs, that make up this botnet.

— Cara Garretson, Network World (US)