December 13, 2007

iPhone will be 'primary target' for hackers in 2008

Apple's iPhone will be a "primary target" for cybercriminals in 2008, a security company predicted today..

Arbor Network's Security and Engineering Response Team (ASERT) forecast that the iPhone will become "the victim of a serious attack" in 2008.

According to the firm, these assaults are likely to be in the form of drive by attacks - malware embedded into seemingly harmless information, images or other media that actually perform dangerous actions when rendered on the iPhone's web browser.

With the scrutiny the iPhone has received since its launch earlier this year over network lock-in, Arbor believes that hackers will be enticed by the possibility of attacking Apple users and the opportunity to "be the first" to hack a new platform.

The company also predicted a rise in 'Chinese on Chinese' cybercrime.

In the past year the team has seen a dramatic increase in the attention paid to Chinese-language specific software such as QQ Messenger and a number of malware samples focused on stealing users credentials. Arbor expects this trend to multiply in 2008 as more Chinese users come online, more software is written for the market and Chinese cybercriminals become increasingly more sophisticated and organised.

"2007 was the year of the browser exploit, the data breach, spyware and the storm worm. We expect 2008 to be the year of the iPhone attack, the Chinese Hacker, P2P network spammers and the hijacking of the Storm botnet," said Jose Nazario, senior security engineer at Arbor Networks.

Researchers warn of Microsoft Access Database exploit

Targeted phishing emails are attempting to infect the machines of users' who are tricked into opening malicious Microsoft Access Database (MDB) files, US-CERT (United States Computer Emergency Readiness Team) said in a warning this week.

Targeted phishing emails are attempting to infect the machines of users' who are tricked into opening malicious Microsoft Access Database (MDB) files, US-CERTsaid in a warning this week.

The bogus files attempt to take advantage of a stack-based buffer overflow vulnerability that occurs when Microsoft Access processes specially crafted database files, according to the advisory. Should a user click on a corrupted file, their machines could be pounded with malicious software.

Microsoft considers MDB files, which allow for embedded script, unsafe.

"Various Microsoft applications prevent users from opening this type of file, or warns them before they open the file," a company spokesman told SCMagazineUS.com today in an email.

The spokesman confirmed that Microsoft was aware of public exploit reports.

Craig Schmugar, threat research manager for McAfee Avert Labs, told SCMagazineUS.com that the attacks likely take advantage of either of two unpatched Microsoft Jet Database vulnerabilities.

Researchers at McAfee have spotted the flaws being exploited in a limited manner, mostly targeting "entities related to government," he said.

Schmugar said socially engineered attacks hoping to leverage the flaw may succeed because users tend to trust certain files.

"People might think it's an Office document," he said. "They might be less apprehensive about accessing it."

Meanwhile, businesses should ensure they block MDB files at the email gateway, the US-CERT warning advised.

"While Microsoft treats them as unsafe, many companies may not," Schmugar said.