Hackers target iPad owners with bogus update
Dupe Windows users into downloading backdoor Trojan; Mac owners not at risk
Computerworld - Hackers are targeting iPad users with bogus update messages that dupe them into downloading malicious code onto their Windows PCs, a security researcher said today.
The messages claim that a recent update to iTunes has been released for the iPad, according to Romanian security company BitDefender. "It is very important to keep the software on your iPad updated for best performance, newer features and security," the message reads. "To get the latest version of iTunes software, please go to ... and install the application."
The link in the message leads to a copycat of the legitimate iTunes download site, where users are asked to approve the download of a file dubbed "itunessetup.exe."
The file masquerading as the iTunes update is actually a Trojan horse that injects code into Windows' "explorer.exe" process and opens a backdoor for hackers, who then use that entrance to add more malware to the PC. The "Backdoor.Bifrose.AADY" Trojan also tries to snatch activation keys from various programs on the hacked machine and steals passwords for instant messaging clients and e-mail accounts.
Apple last refreshed the Windows and Mac software on March 30, when it updated iTunes to version 9.1; it has yet to release an update for the iPad.
"The trick is pretty simple," said Catalin Cosoi, senior antivirus and malware researcher for BitDefender. "When you have the iPad you do expect to receive messages, maybe not e-mail, but messages of some sort [from Apple] that 'We have finished an update, you have to get this update,'" Cosoi added. "They're clever to do it this way."
But because Mac users are not vulnerable to the attack, even if they head to the bogus iTunes download site, the impact of the malware-planting campaign will likely be low, Cosoi said. "If they were able to target Mac customers, it would have spread like wildfire, but because most antivirus companies detect this [Trojan], it's aimed at Windows users who have bought an iPad and who also don't run a security product."
Cosoi was unable to quantify the extent of the spam campaign, but speculated that if it mimicked others, it would be large and of short duration to trick as many people in the relatively small pool of possible victims as possible before the news got out.
Previously, Apple said it had sold more than half a million iPads in the first week of availability, although that number included all pre-orders of the WiFi-only models, which were delivered to customers April 3. However, other estimates, including one by Chitika Research, now put iPad sales above the 1 million mark.
- Office for iPad apps ring up 27M downloads
- Apple plays hardball with iPad Mini reveal
- Apple breezes to PC sales' top spot as Windows share decays
- Analyst tallies perks of September launch of new iPhone, iPad
- Analyst predicts stellar iPad sales in next week's Apple earnings
- Nexus 7 holds up better than iPad in drop, water-dunk tests
- With iPad Mini, Apple would remain tablet king through '16, says IDC
- Apple demands ipad3.com domain
- Chrome for iOS snatches top spot on App Store
- iPad in the Enterprise: IT Must Stay Ahead of the Curve
- Improving IT Efficiencies: Four Advantages of Multi-Tenant Data Centers Increasing demands on IT are forcing organizations to rethink their data center options. For many organizations, that means turning to the flexibility afforded...
- Accelerating Cloud Deployment and Operations with Managed Services Companies that do not have sufficient in-house expertise to either deploy or maintain an IaaS cloud should turn to Managed Service Providers .
- Rethinking IT Operations in the Cloud This paper breaks down the challenges that often prevent the cloud from delivering the fast, flexible and affordable infrastructure companies seek - and...
- Gartner Magic Quadrant for Cloud-Enabled Managed Hosting, North America Cloud-enabled managed hosting brings cloudlike consumption and provisioning attributes to the traditional managed hosting market
- NSS Labs & Cisco Present: Evaluating Leading Breach Detection Systems Today's constantly evolving advanced malware and APTs can evade point-in-time defenses to penetrate networks. Security professionals must evolve their strategy in lockstep to...
- Will the Real Endpoint Threat Detection and Response Please Stand Up? This webinar explores new technologies & process for protecting endpoints from advanced attackers as well as the innovations that are pushing the envelope... All Macintosh White Papers | Webcasts
Our new weekly Consumerization of IT newsletter covers a wide range of trends including BYOD, smartphones, tablets, MDM, cloud, social and what it all means for IT. Subscribe now and stay up to date!