On 10 August, TechCrunch announced details of leaked information on the next iPhone battery. “In the blogosphere’s continuing quest to assemble a virtual iPhone 5 before Apple unveils a real one in September, 9to5Mac has published images of what appears to be the next iPhone’s battery. Juicy stuff!”
Now Softpedia has reported that a new round of email attacks are using this as a lure to catch Apple fans. “The emails – titled ‘iPhone 5 Battery Images Leak!!!’ – contain an attachment that appears to be a harmless Office document,” says the report.
The body of the email is a straight lift from the TechCrunch announcement (although not very well transposed): “In the blogosphere’s continuing quest to assemble a virtual iPhone = before Apple unveils a real one in September, 9to5Mac has published image = of what appears to be the next iPhone’s battery...”
It’s an example of the rapid opportunism of cybercriminals, although in this instance not particularly well enacted. It attempts to entrap users who may have heard of the battery leak, but don’t know where to find the details. The payload is an Adobe Flash exploit that seeks to deliver further malware. Symantec detects the document itself as Trojan.Mdropper, and Adobe has already patched the Flash vulnerability. Users who update their applications, in this instance Flash, and maintain up-to-date anti-virus defences should be immune.