Zorenium bot said to be updated for iOS, capable of various attacks

A new multipurpose bot known as Zorenium has recently been updated to work with iOS devices.

The iOS operating system is well-known for its security, but if the alleged author of a new multipurpose bot known as Zorenium is telling the truth, a recent update may put Apple mobile devices at risk.

As per a March 18 update, Zorenium – which first popped up on the scene in January and allegedly also works on Windows and Linux machines – will now run on Apple mobile devices running iOS 5 through iOS 7, according to a full description of the bot posted to Pastebin.

Zorenium is still in beta, but its author claims it has many capabilities, including distributing banking trojans, carrying out distributed denial-of-service (DDoS) attacks, form grabbing, and Bitcoin mining, according to the post, which explains how the malware is well-protected against anti-virus and anti-malware solutions.

The bot is also said to feature fake shutdown modules, which trick victims into thinking they are shutting down their hardware. In reality, Zorenium is using fake shutdown images, dropping the device into standby, and delaying the fans to create the illusion the device is off.

The author is offering various packages of Zorenium, with costs ranging from about $570 to about $8,000, but some in the community are suggesting that Zorenium was never completed and the posting is a sham.

Beginning March 20, Israel-based cyber intelligence company SenseCy began releasing some preliminary research on Zorenium based on developer notes and certain discussions in Russian underground forums, but the company has not been able to carry out any hands-on analysis.

“We have yet to be able to acquire a sample of the bot and do not have any additional technical details over what is specified in the release notes of the malware's author,” Assaf Keren, CTO of SenseCy, told SCMagazine.com in a Tuesday email correspondence.

Whether Zorenium is fake or not, mobile devices, particularly those running the Android operating system, are increasingly becoming targets for attackers, and Keren said he expects that trend to continue.

“In my mind, both Android and iOS are being targeted and continue to be targeted and, [in my honest opinion], it is only a matter of time until somebody finds a [zero-day vulnerability] in Apple's iOS and uses it in order to create an iOS based botnet,” Keren said.
