Android.Opfake, a trojan that prompts smartphones to send text messages to premium-rate numbers, was originally discovered targeting the Android platform. Symantec researchers, however, have uncovered Opfake websites that are designed to perform social engineering attacks on iPhone users.
“The iPhone is designed to prevent the installation of applications outside of the Apple App Store. This makes life difficult for bad guys attempting to fool users into installing malicious apps in a similar manner to Android and Symbian devices. To get around this, the Opfake gang have developed a social engineering trick that does not require apps to scam site visitors”, explained Joji Hamada of Symantec.
One site attempts to trick users into thinking that their browser needs to be updated. When the user clicks on the update button, the browser is taken to an installation page.
Once the “update” is complete, the user is asked to enter the phone number in order to “protect” the device against unauthorized copying of the application. Most likely, the phone number is used to commit premium-rate messaging fraud, Hamada explained.
The second site displays a fake Android market, even though the site is viewed using an iPhone.
“It is a bit peculiar for the user that an Android market can be viewed from an iPhone, but this may be what entices users into attempting to download the apps – some of the apps are not available in the Apple App Store. Non-technical users may not be unaware that Android OS apps do not work on iOS. Like the browser trick mentioned above, the trick works by fooling the user into giving out their phone number after the 'installation' of the app”, Hamada said.