BitDefender Warns Of iPhone Jailbreaking Malware Attack

iPhone “jailbreaking” – the user taking all-inclusive command of the device, which includes running non-approved Apple applications, is apparently not without risk.

Security researchers at BitDefender, the well known security application developer, have just uncovered a malware scheme, aimed at iPhone jailbreakers, that according to BitDefender “deploys a keylogger ……. which allows the malware creators to intercept the victim’s visited sites, usernames, passwords, and bank accounts information – such as pin number, bank account numbers, passwords, etc.”

Delivery of the Trojan, identified by BitDefender as Trojan.Generic.3010833, begins with the user’s positive response to an email which offers software designed to unlock an iPhone, as the following graphic illustrates.

Graphic courtesy of BitDefender.

The body of the email reads as follows:

“Our software is compatible with all firmwares (including the latest version) and will unlock 3G, 3GS, & 2G iPhone models within just a few minutes.

You can download the iPhone unlocking software from here: http://www.unlock……………. /iphone3gs-3g.exe”

Clicking on the link triggers an executable file download to the potential victim’s computer. Running the downloaded executable (and who’s not going to at this point), triggers the installation of a Trojan which according to BitDefender “attempts to change the preferred DNS server address for several possible internet connections on the user’s computer to 188.210……………..”

The following graphic illustrates BitDefender’s security application’s response to Trojan.Generic.3010833.

Graphic courtesy of BitDefender.

Regular readers here are very familiar with the following cautions, but they bear repeating.

Don’t click links in emails. If they come from a known source, type them on the browser’s address bar. If they come from an untrusted source, simply ignore them.

Don’t open emails that come from untrusted sources.

Don’t run files that you receive via email without making sure of their origin.

Keep your computer protected. Install a security solution and keep it up-to-date.

BTW, BitDefender offers a host of highly regarded free security applications which you can checkout here.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.