Top 5 Stories


Opfake criminals expand targets to include iPhone users

05 March 2012

The cybercriminals behind the Android.Opfake malware are now going after iPhone users, according Symantec.

Android.Opfake, a trojan that prompts smartphones to send text messages to premium-rate numbers, was originally discovered targeting the Android platform. Symantec researchers, however, have uncovered Opfake websites that are designed to perform social engineering attacks on iPhone users.

“The iPhone is designed to prevent the installation of applications outside of the Apple App Store. This makes life difficult for bad guys attempting to fool users into installing malicious apps in a similar manner to Android and Symbian devices. To get around this, the Opfake gang have developed a social engineering trick that does not require apps to scam site visitors”, explained Joji Hamada of Symantec.

One site attempts to trick users into thinking that their browser needs to be updated. When the user clicks on the update button, the browser is taken to an installation page.

Once the “update” is complete, the user is asked to enter the phone number in order to “protect” the device against unauthorized copying of the application. Most likely, the phone number is used to commit premium-rate messaging fraud, Hamada explained.

The second site displays a fake Android market, even though the site is viewed using an iPhone.

“It is a bit peculiar for the user that an Android market can be viewed from an iPhone, but this may be what entices users into attempting to download the apps – some of the apps are not available in the Apple App Store. Non-technical users may not be unaware that Android OS apps do not work on iOS. Like the browser trick mentioned above, the trick works by fooling the user into giving out their phone number after the 'installation' of the app”, Hamada said.

This article is featured in:
Application Security  •  Malware and Hardware Security  •  Wireless and Mobile Security


Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×