Security fears emerge over fake iPhone website

Hackers are targeting prospective iPhone users with a fake website that steals personal information from unsuspecting victims, according to experts.

Security fears emerge over fake iPhone website

Hackers are targeting prospective iPhone users with a fake website that steals personal information from unsuspecting victims, according to experts.

Researchers at anti-virus company Panda Software discovered that cybercriminals have developed a trojan, called Aifone.A, that takes control of a user’s computer and then directs the victim to a fake iPhone website. The fake page asks users to enter their bank details in return for the new Apple device.

The hackers used a new malware creation tool to develop the trojan and this malware can even create pop-ups and ads on the compromised computer’s browser that link to the fake website.

The tool to develop the trojan has a tab that specifies what web pages the bot must redirect from and to. In this case, the tool sends users that want to visit the iPhone official pages to a false web page.

Another tab in the tool allows hackers to subvert user’s search queries to lead again to a fake website.

“This is one of the most sophisticated attacks we have seen targeting a user community, in this case iPhone users. It is a really complex, dangerous attack that combines elements of malware, phishing and even adware,” said Luis Corrons, technical director at PandaLabs.

“The real danger behind this attack is the fact that, in the same way that it is now being used to affect users that want to buy an iPhone, it could be slightly modified and used to affect users interested in any other product, or even several groups of users simultaneously, which would increase the cyber-criminals’ chances of success,” he said.

The problem website came to light as security firm Symantec issued a tentative endorsement of the iPhone’s security levels.

Eric Chien, security expert at Symantec, explained in his blog: “In the default out-of-the-box configuration for the average user, you can not run code on the device. This makes the platform less risky than other mobile platforms and desktop operating systems like Windows.”

Despite unconfirmed reports of vulnerabilities, he added, the “chances of widespread infection are currently low”.

Disclaimer: Some pages on this site may include an affiliate link. This does not effect our editorial in any way.

Todays Highlights
How to See Google Search History
how to download photos from google photos