iPhone jailbreaking: legal, but dangerous

July 2010 Information Security

After the announcement that iPhone jailbreaking has become legal in US, a malware-spreading campaign targeting the 'iPhone unlocking' fans goes to confirm that cybercriminals never lack imagination.

Owners of iPhones are one step closer to taking total control of their widgets, after US pronounced legal the practice of 'jailbreaking', on Monday, 26 July 2010.

This means that anyone can jailbreak or unlock any cellphone without fear of legal consequences. Still, iPhone unlocking fans should pay attention to the software they download for this operation, because cybercriminals never sleep.

And this is how the story goes: you receive an e-mail in which you find out that you might get a new application for iPhone jailbreaking. All you have to do is click a link that will take you to the web page on which the desired software awaits you.

Figure 1: The e-mail offering the wonder-software
Figure 1: The e-mail offering the wonder-software

As you go further into this labyrinth and click the link, an exe file attempts to download onto your computer. But once saved and run, the executable opens up the way for a nice Trojan.

Figure 2: The software proves to be malware
Figure 2: The software proves to be malware

Identified by BitDefender as Trojan.Generic.3010833, this piece of malware is a keylogger that transmits everything the user writes on the computer to a specific e-mail address, in this particular case to directory[REMOVED]@hotmail.com.

This allows the malware creators to intercept the victim’s visited sites, usernames, passwords, bank accounts information, such as pin number, bank account numbers, passwords, etc.

In order to stay safe, never open suspicious links or attachments without scanning them first. Install and update a complete antimalware software solution.

For more information contact Alina Anton, senior PR and marketing coordinator, EMEA & APAC Business Unit, BitDefender, +40 212 063 470, aanton@bitdefender.com, www.bitdefender.com





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Time is of the essence
Information Security
Ransomware attacks are becoming increasingly common. Yet, many individuals and organisations still lack a clear understanding of how these attacks occur and what can be done to secure their data.

Read more...
All aspects of data protection
Technews Publishing Editor's Choice Information Security Infrastructure AI & Data Analytics
SMART Security Solutions spoke to Kate Mollett, Senior Director, Commvault Africa, about the company and its evolution from a backup specialist to a full data protection specialist, as well as the latest announcements from the company.

Read more...
The song remains the same
Sophos Information Security
Sophos report found that telemetry logs were missing in nearly 42% of the attack cases studied. In 82% of these cases, cybercriminals disabled or wiped out the telemetry to hide their tracks.

Read more...
How hackers exploit our vulnerabilities
Information Security Risk Management & Resilience
Distractions, multi-tasking, and emotional responses increase individuals’ vulnerability to social engineering, manipulation, and various forms of digital attacks; 74% of all data breaches included a human element.

Read more...
Projections for 2024’s Advanced Threats Landscape
News & Events Information Security
Kaspersky Global Research and Analysis Team (GReAT) experts offer insights and projections for 2024 in the Kaspersky Security Bulletin, with a focus on the evolution of Advanced Persistent Threats (APT).

Read more...
Veeam and Sophos in strategic partnership
Information Security
Veeam and Sophos unite with a strategic partnership to advance the security of business-critical backups with managed detection and response for cyber resiliency, and to quickly recover impacted data by exchanging critical information.

Read more...
Unmasking insider risks
Information Security
In today’s business landscape, insider risks can manifest in various forms, including data theft, fraud, sabotage, insider trading, espionage, whistleblowing, negligence, truck hijacking, goods robbery from warehouses, and more.

Read more...
When technology is not enough
Information Security
[Sponsored] Garith Peck, Executive Head of Department for Security at Vodacom Business, writes about the importance of creating a cybersecurity strategy in a world where threats never sleep.

Read more...
Identity verification and management trends
Technews Publishing Information Security
Insights into what we can expect from identity fraudsters and the industry next year, ranging from criminal exploitation of AI and digital IDs to multi-layer fraud protection and the need for more control over personal information sharing.

Read more...
From vulnerabilities to vigilance
Information Security
It is an unfortunate reality that generative artificial intelligence (GAI) has been embraced by cybercrime organisations, resulting in drastic changes in attack methods, strategies, and technologies, says Stephen Osler from Nclose.

Read more...