[NYTr] CERT Warns of Fake iPhone Upgrade Containing Malware
All the News That Doesn't Fit
nytr at blythe-systems.com
Thu Jan 10 19:52:45 EST 2008
Information Week - Jan 9, 2008
http://www.informationweek.com/news/showArticle.jhtml?articleID=205601608
Phony iPhone Upgrade Hides Malware
Computer security experts say the "iPhone firmware 1.1.3 prep" is
designed to dupe people into downloading it as the Macworld Expo show
opens next week.
By Thomas Claburn
InformationWeek
Your Apple iPhone could be infected with potentially malicious Trojan
software because of a fake upgrade download, computer security
officials with US-CERT warned Wednesday.
"This Trojan claims to be a tool used to prepare the device for an
upgrade to firmware version 1.1.3," the US-CERT advisory said. "When a
user installs the Trojan, other application components are altered. If
the Trojan is uninstalled, the affected applications may also be
removed."
The Trojan appears to be timed to exploit rumors that began in early
December about new features in an upcoming iPhone firmware upgrade.
Various online news sites and blogs cited a report published by CNET
France that claimed an imminent iPhone update would feature a disk
mode, for using the iPhone as a portable flash drive, and a voice
recording mode.
Malware authors now regularly craft attacks that play off current news
and events. The Storm worm, for example, initially spread through an
e-mail message that made reference to what was in January 2007 a recent
storm. With the Consumer Electronics Show this week and the Macworld
Conference & Expo next week, malware masquerading as an iPhone upgrade
will likely dupe more people than it would otherwise.
On Monday, Symantec identified the malicious software as "iPhone
firmware 1.1.3 prep."
In a blog post, Symantec security researcher Orla Cox observes that
installing the software doesn't appear to have much of an effect on the
iPhone, but warned that uninstalling it could overwrite other iPhone
applications.
"This is technically the first Trojan horse seen for the iPhone,
however it does appear to be more of a prank than an actual threat,"
said Cox. "The impact of uninstalling the 'Trojan' would appear to be
an unintended side effect. The risk to users is minimal as they would
have to choose to install the bogus package and the site which was
hosting it has now been taken offline. Nevertheless, iPhone users
should exercise caution regarding the packages they choose to install
on their phones."
More information about the NYTr
mailing list