Apple iTunes Used In Massive Phishing Attack
Emails with fake e-commerce receipts trick users into installing Zeus financial malware, giving up credit card details.
By Mathew J. Schwartz
InformationWeek
October 5, 2010 01:39 PM
Hackers gunning for credit cards have turned to spoofing iTunes receipts in a bid to trick email recipients into installing Zeus (aka Zbot) financial malware, which is designed to steal passwords and financial website access credentials.
"Victims receive a cleverly crafted email informing them that they have made an expensive purchase on iTunes," according to antimalware security firm PandaLabs. "The user, having never made the purchase to begin with, is concerned by the email and naturally tries to resolve the problem -- in this case by clicking on the proffered (fake) link."
The link leads to a malicious website which attempts to install a bogus PDF reader. If successful, multiple malicious files get downloaded and installed from a website based in Russia, then the user is redirected to a malicious website containing the Zeus Trojan.
