iPhone Used As Bait For Malicious Web Site

The malicious site is set up to use 10 different ActiveX vulnerabilities to install a rootkit that turns the infected machine into a bot.

Sharon Gaudin, Contributor

July 2, 2007

Hackers were quick to jump on the iPhone bandwagon, spamming out e-mails that lure users to malicious Web sites that infect their machines and turn them into bots.

Researchers at security company Secure Computing discovered a Web site set up to exploit more than 10 ActiveX vulnerabilities in an attempt to install a malicious payload, which includes a rootkit. This piece of malware is designed to open up a back door in the computer and turn it into a bot that fills out the hackers' botnet.

"This yet again confirms the expanding trend in Web-borne malware," Paul Henry, VP of technology evangelism for Secure Computing, said in a written statement. "This threat is particularly insidious in that scripts within the HTML code returned to the user contain exploit code for multiple vulnerabilities to improve the malicious hacker's chances of gaining the necessary access to install the rootkit/spam bot malware. While most organizations fully inspect the traffic directed to their Internet facing Web servers, many do not inspect the traffic that is returned to their internal users when visiting Internet Web sites."

Hackers set up the bot to send out spam, according to a Secure Computing advisory. Because the malware is rootkit-based, researchers explained, it would be simple for a hacker to update it at any time to carry out other malicious tasks, such as key logging to capture the user's financial credentials.

Apple's iPhone went on sale at 6 p.m. on Friday, June 29. An amazing amount of attention surrounded the device's release in the weeks leading up to it. Ken Dulaney, VP of mobile computing at Gartner, said in an interview that he had never seen so much excitement and publicity about a gadget as there was for the debut of the iPhone. "To me there's [been] nothing comparable to this," he said.

With that much interest swirling around the Internet, it was only a matter of time before hackers and malware writers used it to their advantage.

"Because of the popularity of the iPhone brand, this is the first in what's bound to be a series of scams involving the iPhone," said Henry.

In April, security company Sophos reported that its researchers were finding an average of 5,000 newly infected Web pages every day. With computer users becoming more aware of how to protect against e-mail-based malware, hackers have turned to the Web as their preferred vector of attack.
