• Downloads
  • Threats
    • Adware
    • Browser Hijacking
    • Rogue Anti Spyware
    • Virus
  • Questions and Answers
  • Recover Encrypted Files
  • Free Malware Removal Tools

My AntiSpyware

Free antispyware software, Online Scanners, Instructions on how to remove spyware and malware.

Menu
  • Downloads
  • Threats
    • Adware
    • Browser Hijacking
    • Rogue Anti Spyware
    • Virus
  • Questions and Answers
  • Recover Encrypted Files
  • Free Malware Removal Tools
Home › Trojan › Found trojan that attempts to steal money by selling a fake iPhone

Found trojan that attempts to steal money by selling a fake iPhone

Myantispyware team July 3, 2007     No Comment    

Sunbelt team reported about new trojan that attempts to steal money by selling a fake iPhone. The malware produces a popup, triggered by going to yahoo.com or google.com. There are multiple types of popups, including one saying “supported by Google” and one “supported by Yahoo”.

Normally, when you go to iPhone.com, you get redirected to Apple’s site — http://www.apple.com/iphone/. On an infected system, you get directed to a custom “iphone.com” which actually is a fake site. The Trojan is pulling content from your local disk in a file that has been created in %system%\confg.xml and creating BHO (Browser Helper Object)

BHO: {AA7F2000-EA05-489d-900C-3C7C0A5497A3} – C:\WINDOWS\system32\rwera21s1.dll

They are using this BHO to inject code into Internet Explorer to make it appear as if you are on a website owned by Apple. The same technique is used by malware to target banking websites.

Read more: iPhone madness: This hot phone now sold through malware

Trojan

Author: Myantispyware team

Myantispyware is an information security website created in 2004. Our content is written in collaboration with Cyber Security specialists, IT experts, under the direction of Patrik Holder and Valeri Tchmych, founders of Myantispyware.com.

Leave a Reply Cancel reply




New Guides

ShieldBrowser detections
How to remove ShieldBrowser adware (Virus removal guide)
hauphuchaum.com
How to remove Hauphuchaum.com pop-ups (Virus removal guide)
Indexforcaptchas.top
Indexforcaptchas.top Virus (removal guide)
WebCouponSearch
How to uninstall WebCouponSearch from Chrome, Firefox, IE, Edge
protectionyoupc.com scam
Protectionyoupc.com POP-UP SCAM (Virus removal guide)

Follow Us

Search

Useful Guides

Tech Support Scam
Remove Tech Support Scam pop-up virus [Microsoft & Apple Scam]
Iphone Calendar virus spam
Iphone Calendar Virus/Spam (Removal guide)
How to remove pop-up ads [Chrome, Firefox, IE, Opera, Edge]
remove android virus
How to remove virus from Android phone
This setting is enforced by your administrator (Removal guide)

Recent Posts

Found new fake codec and new rogue antispyware
Automatic removal HaxDoor trojan
Automatic removal MBS Account Manager
Found new spysheriff variants – Malware Stopper, Malware Panacea
New way for push exploit to your PC

MYANTISPYWARE.COM

  • About Us
  • Contact Us
  • Privacy Policy

NEED A HELP ?

If you're seeing unwanted pop-ups or ads in your web-browser, you might have an adware installed on your computer. Use the following guide to stop pop-up ads and remove malicious software. Or ask for help here.

Links

  • Downloads
  • Instructions
  • Questions and Answers
  • Free Malware Removal Tools
Copyright © 2004 - 2020 My AntiSpyware - Free antispyware programs and Spyware Removal Instructions.