Botnet Being Used to Malign More iCloud Security
Symantec, a security vendor, has confirmed that iCloud users are being targeted by a botnet following the theft of celebrities' photos from their iCloud accounts and the leaking of those photos online. It was recently reported that hackers stole nude photographs from the iCloud accounts of many female actresses and models and leaked some of them on public websites.
Symantec reported that Kelihos, a well-known botnet, is sending out bogus emails impersonating Apple. The emails inform users that they have bought the movie 'Lane Splitter' with their iTunes account, using a PC or some other device that was not previously connected with their Apple account, and urge them to give their ID details.
According to news published by computerworld.com on 8th September, 2014, the incident received so much media and online attention that Apple CEO Tim Cook announced that the company will send security notifications to users via email and push messages whenever changes to an iCloud account happen. Symantec said that the timing of the assault may not be mere coincidence.
The controllers of the botnet could exploit public fears about the security of Apple IDs to lure people into surrendering their credentials. Symantec noted that this isn't the first time Apple IDs have been attacked. Symantec said that the email sent by the botnet includes an IP address, apparently situated in Volgograd, Russia, which the email asserts was used to make the claimed purchase.
Users are advised to use two-step authentication for their Apple ID accounts to prevent unauthorized access even when their usernames and passwords are compromised. Moreover, the authors of the Kelihos botnet are expert at exploiting current events.
For example, in August 2014, they launched a spam campaign encouraging Russian-speaking users to install a program on their computers which could be used in distributed denial-of-service (DDoS) attacks against the websites of Western governments, in response to the recent international sanctions against Russia. The security firm later revealed that the spam emails actually linked to a variant of the Kelihos malware and not to a DDoS program.