Zorenium bot said to be updated for iOS, capable of various attacks

A new multipurpose bot known as Zorenium has recently been updated to work with iOS devices.

The iOS operating system is well-known for its security, but if the alleged author of a new multipurpose bot known as Zorenium is telling the truth, a recent update may put Apple mobile devices at risk.

As per a March 18 update, Zorenium – which first popped up on the scene in January and allegedly also works on Windows and Linux machines – will now run on Apple mobile devices running iOS 5 through iOS 7, according to a full description of the bot posted to Pastebin.

Zorenium is still in beta, but its author claims it has many capabilities, including distributing banking trojans, carrying out distributed denial-of-service (DDoS) attacks, form grabbing, and Bitcoin mining, according to the post, which explains how the malware is well-protected against anti-virus and anti-malware solutions.

The bot is also said to feature fake shutdown modules, which trick victims into thinking they are shutting down their hardware. In reality, Zorenium is using fake shutdown images, dropping the device into standby, and delaying the fans to create the illusion the device is off.

The author is offering various packages of Zorenium, with costs ranging from about $570 to about $8,000, but some in the community are suggesting that Zorenium was never completed and the posting is a sham.

Beginning March 20, Israel-based cyber intelligence company SenseCy began releasing some preliminary research on Zorenium based on developer notes and certain discussions in Russian underground forums, but the company has not been able to carry out any hands-on analysis.

“We have yet to be able to acquire a sample of the bot and do not have any additional technical details over what is specified in the release notes of the malware's author,” Assaf Keren, CTO of SenseCy, told SCMagazine.com in a Tuesday email correspondence.

Whether Zorenium is fake or not, mobile devices, particularly those running the Android operating system, are increasingly becoming targets for attackers and Keren said he expects that trend will continue to rise.

“In my mind, both Android and iOS are being targeted and continue to be targeted and, [in my honest opinion], it is only a matter of time until somebody finds a [zero-day vulnerability] in Apple's iOS and uses it in order to create an iOS based botnet,” Keren said.
