Malware poses as fake Yellowsn0w iPhone unlocker

Malware poses as fake Yellowsn0w iPhone unlocker

Summary: Researchers from Malware-database.net are reporting on a newly discovered malware posing as a bogus iPhone unlocker, promising a working Firmware 2.

SHARE:

Researchers from Malware-database.net are reporting on a newly discovered malware posing as a bogus iPhone unlocker, promising a working Firmware 2.2.1 yellowsn0w exploit as a social engineering tactic.

The (now down) -- Wordpress blog yellowsn0w221.wordpress.com was promoting Yellowsn0w-iPhone-Unlock-3G-2-2-1-final.exe at the following IP 74.52.118.244 which is now returning a reported attack site image, presumably in an attempt by the author to cover up his activities.

Upon impersonating the DevTeam, the author attempted to spread it by posting messages across four yellowsn0w-iphone-unlock-3g-221 Google Groups, next to several BitTorrent sites.

The Dev-Team Blog promptly warned users of the bogus nature of tool:

"These are very exciting days ahead!  WWDC, the new 3.0 firmware, the new iPhone2,1 device.  All in the span of a month or two.  Nobody is more excited than we are :) Unfortunately, there are predators out there that are counting on your over-exuberance.  Maybe we should call it yell0w fever.  One very recent example is a certain yellowsn0w221 page on wordpress.com.  Do not download anything from that page if you’re on a PC, else you’ll be infected with a virus.  The page talks and talks about a supposed Firmware 2.2.1 yellowsn0w exploit, but it’s all a ruse to get you to download and infect your PC."

Upon execution, the malware attempts to use a noisy from a behavioral detection perspective approach - modifying the hosts file and redirecting a huge number of competing iPhone unlocking sites to its homepage.

Who's behind the malware? Interestingly, at 74.52.118.244 we have a parked domain Jl202site.com, which is registered to Jonathan Larso, who's been "surprisingly" posting "become a iphone unlock affiliate and make %50 of sale" messages across the Web.

Topics: Software, Apple, iPhone, Malware, Mobility, Security

Dancho Danchev

About Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

9 comments
Log in or register to join the discussion
  • And yet the author found it best to target windows with his iPhone "tool"

    I wonder what might have made him take that decision.
    InAction Man
    • the same thing that made Jobs finally release iTunes for windows

      A massively larger target market.
      rtk
      • Duh

        this is a no brainer! Why wouldn't jobs release iTunes for windows? It
        has not only allowed him to take a substantial portion of windows
        media player market share, btu it also allowed the iphone/ipod to
        reign as kings in the MP3 player/smartphone realm.

        In closing the move of releasing itunes for windows as well has
        allowed apple to become what it is today, that is a leader in the
        smartphone market as well as the mp3 market as well.

        Itunes is by far the best, if not most user friendly media player out
        there for regular consumers. The success and continued innovation
        through apple will continue to expand its market share on multiple
        fronts.

        I would have to say that Mac computer sales have and will also
        continue to grow as well as a by product of people falling in love with
        the concept of beauty, simplicity and cutting edge technology that is
        Apple.

        Jobs, your the man.
        Pslags
        • The Iphone is not the market leader.

          Quite simple realy.
          jdbukis
          • You may not beleive that the iPhone is not the market leader

            but it is now the most imitated smartphone out there. After all it seems like every manufacturer is in a rush to make the iphone killer - Samsung Instinct, Blackberry Storm, Palm Pre just to name a few... Hmmmm, if it's not the market leader it sure is doing a damned good impression of it.

            Quite simple really.
            athynz
        • re: Duh

          [i]this is a no brainer[/i]

          Of course it is, and that's why it was eventually done.

          [i]Why wouldn't jobs release iTunes for windows?[/i]

          Well, originally his FUD was "that'd be like handing a glass of ice water to someone in hell".

          Of course, in order for the iPod to gain more than 3% of the market, they had get all dirty and come on down to the same level as the rest of the world.

          As someone else has pointed out to you, the iPhone is not the market leader in smartphones, and iTunes is one of the crappiest, most bloated piles of dung to ever be released for Windows.

          It's what allows Jobs and Co. to keep up their FUD advertising... Sure Windows is unstable, once you drop Apple's crapware on it.

          rtk
          • and to top it off,

            iTunes is a piece of [b]$hit[/b] and no amount of crap out of you Steve Jobs jock-sniffers can change that.
            sackbut
  • Iphone Unlocking problems please help me

    hi guys i have got a gift of 3Gs iphone from my boy friend which i need to jailbreak & unlock, i ask some one but he advised me to go in internet and ask help to some one expert, please help me with step by step instructions.
    popy_le
  • RE: Malware poses as fake Yellowsn0w iPhone unlocker

    Well done! Thank you very much for professional templates and community edition
    <a href="http://www.yuregininsesi.com">seslisohbet</a> <a href="http://www.yuregininsesi.com">seslichat</a>
    birumut