Zombie botnet targets iPhone buyers

Would-be iPhone owners are being targeted by a 7,500-strong zombie botnet, security experts have warned. PandaLabs said that buying an iPhone online could cost surfers a lot more than the advertised price if their computers become infected by the Aifone.A Trojan.

Users of an infected PC who try to buy an iPhone online will be taken to a false page that appears to be the official iPhone page. If the user tries to buy the phone from the spoof page, they will be giving their bank details to cyber-criminals. PandaLabs said that it has uncovered a special tool used by cyber-criminals to control the botnet.

News source: vnunet


18 Comments


As much as I don't like Apple, this doesn't have anything to do with the iPhone other than that it's a lure. The article is vaguely written, but what it says is people are being targeted by a phishing scam in banner ads. Go buy your phone where Apple says they're for sale: Apple and AT&T stores.

umm, huh. it has all to do with Apple, cross site scripting means the sites selling the phones are vulnerable, this is Apple's fault as they designed the website, it may have very little to do with the actual iPhone but hey it's still Apple's fault, why do people always somehow seem to find an excuse for Apple

...are being targeted by a 7,500-strong zombie botnet...

I am still astonished that these botnets can and do continue to exist.

These things can't exist in a vacuum. While they can stay hidden as long as they don't do anything, as soon as they act, they can be found and neutralized – no matter where they are. I'd sure like to know why no one in authority seems to be doing very much (if anything) about them. :mad:

So, just curious, how can they be neutralized?

I mean other than reporting the IP to the user's ISP, and hoping that they will actually do something.

Close: reporting the IP to the user's ISP and forcing them to do something.

If it means passing some laws, what's the big challenge there?

Octol said,
Close: reporting the IP to the user's ISP and forcing them to do something.

If it means passing some laws, what's the big challenge there?

The users that are infected aren't the criminals so reporting their IPs won't do anything, the hacker is anonymous. And all the ISPs can do is cut off your internet, they don't have access to your files, they can't do anything about the infected zombies.

why are you astonished, if you are then you don't understand in any way how botnets work, and yes they can exist in a vacuum, no reason it can't, just can't do a lot of damage if it is in a vacuum. The reason these botnets exist is because of stupid users not updating their computers ever and not running any AV software. do you actually know what a botnet is, they can't be just stopped because someone knows where they are, that in itself is almost impossible as botnets are distributed all across the world and on computers that the users have no idea they are infected.

i am just curious as to how you believe they can be stopped so easily.

now for starters "Close: reporting the IP to the user's ISP and forcing them to do something." which ISP do you want to report it to, the botnet will be running across multiple ISPs, most likely even if one blocks it all the rest of the bots are still running. there's probably 7500 ISPs this one needs to get reported to, can you be bothered tracking 7500 bots back to where they originate. now which country do you want to deal with, for this to even come close to working, the entire world needs to have the laws (try forcing China and Russia to agree to them) secondly, someone needs to track all the bots back to their origins.

whocares78 said,
The reason these botnets exist is because of stupid users not updating their computers ever and not running any AV software.

Right. And infected computers are the machine equivalent of humans infected with a contagious disease. So what happens when people contract life-threatening infectious diseases? Those individuals are quarantined to protect society – against their will if necessary.

So if people can be quarantined for their diseases, why not computers? Why should machines infected with viruses or trojans that wreak havoc on the Internet at a huge social and financial cost to everyone continue to be allowed to endlessly infect other computers without society acting to stop it? And I'm not talking about tracking 7500 or 75,000,000 bots at once. I'm talking about one computer at a time. You only need international legislation that requires ISPs to shut down the Internet connection of each infected computer as it's detected and you'll begin to see the problem resolved.

Think about it. How many people do you think will continue to ignore basic computer security if they know they'll be shut down if they get infected? After a very short while, not very many I'll wager! Most will find that using automatic updating and installing antivirus and/or firewall software is a cheap alternative to having their computers cleaned and certified as being virus free and protected to get online again!

Of course accomplishing this won't be easy. There has to be a political will to act in most nations around the planet for this to happen. But it can – and should – be done. Otherwise this crap never ends. However, for this to work, there has to be a level playing field. All ISPs must be required to participate, since no ISP will unilaterally shut down a client's connection if that client can just move to another ISP. Pretty soon that ISP would be out of business. So it's all or none. I vote for all.

Firstly a botnet is not a virus or Trojan, it's a botnet. From reading your post you have no idea what it actually is.

I have not seen people with AIDS quarantined because that would be against their rights and if you did try they would complain (i.e. you block someone’s internet, they complain and move to different ISP), a whole bunch probably don't even know they are infected with AIDS (just like the computer users that are infected) and quite possibly are infecting more and more people, how do you catch/find them. The analogy does fit, just not the way you want it to.

Just a comment on the one at a time thing, by the time you find and stop one, the owner of the botnet has probably infected another ten. now as for telling the ISP that a user on their network has a bot, ISP blocks said bot, user that had no idea they even had a bot gets real mad because they can't get email, moves to different ISP, bot still on their machine, new ISP blocks said user, poor user has no idea he even has a bot. oh yeah problem not resolved as bot still exists on said user's computer, now said user just can't access anything on the net.

People will ignore basic computer security as they don’t know any better, all the ones that do it now will do it then, all you will get is a lot of angry people abusing ISPs for blocking their internet connection. You will not solve or even come close to fixing the problem. I would be willing to wager whatever you like, it won’t make a difference, I know this because I tell users to update and they still don’t, I tell them having old AV definitions is useless and they may as well remove it, but they still don’t get they have to update.

Having all that is a cheap alternative to losing all your data and a Windows re-install, but that doesn’t stop them.

As for the last part, I don’t think you will even get half the countries in the world to agree to any sort of legislation.

whocares78 said,
Firstly a botnet is not a virus or Trojan it's a botnet.

No sh¡t, Einstein.

Now I suppose you're going to tell me that botnets are never used for nefarious purposes like infecting computers with viruses and trojans or launching DoS attacks. It's just some of the boys out having a little innocent fun that doesn't hurt anybody, right?

Jesus.

ISP blocks said bot, user that had no idea they even had a bot gets real mad because they can't get email, moves to different ISP

People will ignore basic computer security as they don’t know any better, all the ones that do it now will do it then, all you will get is a lot of angry people abusing ISPs for blocking their internet connection.


I guess you've never heard of the concept of notification. That's where companies actually inform their customers that they are going to do something before they do it. Like the phone company telling you they're going to shut off your phone if you don't pay your bill. Happens all the time.

In this case, if quarantine legislation was passed, ISPs would first notify all their customers that laws had been passed that require them to shut down any computers that are spreading malware on the Internet, and that they should immediately take whatever action is necessary to secure their computers.

Then, when said customers ignore the warnings from their ISPs and get infected anyway, the ISPs inform them that they are infected and that they are about to be shut down.

So really there is no question about people not knowing why they're being shut down or who's to blame for it. They'd also know that there would be no reason to get mad at their ISPs for shutting them down any more than they would get mad at a grocery store for collecting sales taxes.

Octol said,
Now I suppose you're going to tell me that botnets are never used for nefarious purposes like infecting computers with viruses and trojans or launching DoS attacks. It's just some of the boys out having a little innocent fun that doesn't hurt anybody, right?

no quite the opposite, they are almost entirely used for dodgy purposes

I guess you've never heard of the concept of notification. That's where companies actually inform their customers that they are going to do something before they do it. Like the phone company telling you they're going to shut off your phone if you don't pay your bill. Happens all the time.

i am just commenting on what is before my eyes, what you mention actually happens now! most ISPs will warn their customers about bots etc etc. i am saying you can't just block people which is what the previous comment indicated

you don't have to just tell them they are infected, you need to tell them how to not be infected. your comments are indeed valid, unfortunately there are way too many stupid users out there. and way too many botnets to take down