Researchers at Sophos have uncovered a Trojan masquerading itself as a game for the Apple iPhone.
The Trojan, identified by Sophos as Troj/Agent-HNY, is being spread via e-mail as an attachment dubbed Penguin.Panic.zip after the popular “Penguin Panic” game for the iPhone. Hoping to snare unsuspecting video game fans, the spam e-mails contain subject lines such as “Virtual iPhone games!” and “Apple: The most popular game!”
“It’s your bog-standard malicious Trojan horse, designed to hand control of the compromised computer over to a third-party hacker,” said Graham Cluley, senior technology consultant at Sophos. “That hacker can then take over the compromised PC to download further malware, or launch spam campaigns, install spyware to steal your identity or launch a distributed denial-of-service attack. Because so many Trojan horses these days download additional code from the Internet, hackers can change the ultimate payload at anytime they wish-they just update the file which the Trojan tries to download.”
Ironically, the Trojan does not appear to run on Mac OS X or the iPhone-only Microsoft Windows PCs. Still, Sophos said this was the first time it has seen a piece of malware pose as an iPhone game. As it has grown in popularity, the iPhone has gotten plenty of attention from cyber-crooks and hackers looking to exploit security holes. The security issues have ranged from actual malware to the not-exactly-complex passcode bypass made public last month.
Cluley added that some of the subject lines of the spam e-mails only refer to the file as a game, so many people may be lured into clicking on it whether they have an iPhone or not.
“Inside the zip is a Windows executable file, so any Windows user who opens the zip will think that it’s a program that they can run,” Cluley said. “No doubt if they want to try out the game they will click on the icon. If they do happen to have an iPhone then they may think it is an installer to copy the game over to their mobile device.”