Lost+Found: iPhone crashes, malware families and a Firefox hack

Too short for news, too good to lose; Lost+Found is a roundup of useful security news. This time: crashing iPhones, dumping network traffic from iOS devices, ZeroAccess botnet distribution, visualising malware and its variants, silently installing malicious Firefox extensions, and Gamma International suggests someone is trying to torpedo its trojan business.

• Even the iPhone has problems with tel: URLs. When they are too long – more than 4MB – it causes iOS to crash the phone, reports Secure Coding.

• Remote Packet Capture for iOS Devices describes how to dump all of the network traffic from a connected iPhone to a Mac using tcpdump.

• F-Secure's images of the distribution of the ZeroAccess botnet leaves a sinking feeling.

• SARVAM (Search And RetrieVAl of Malware) provides a method of graphical representation and classification of (malicious) programs. A series of videos on the Sarvam Blog shows malware families, such as Zeus, and their variants; each frame of the video is a variant.

• A researcher from Zscaler has found an amazingly easy way to bypass security features in Firefox in order to silently install a malicious browser extension to any Firefox profile: the add-on just needs to be added to an SQLite 3 database named extensions.sqlite for the profile in question.

• Gamma International's Managing Director Martin J. Muench suggests that FinSpy samples were stolen by "a pressure group" to disrupt its business. However, he has no evidence of this.

(crve)