Hackers target iPad owners with bogus update
Dupe Windows users into downloading backdoor Trojan; Mac owners not at risk
Computerworld - Hackers are targeting iPad users with bogus update messages that dupe them into downloading malicious code onto their Windows PCs, a security researcher said today.
The messages claim that a recent update to iTunes has been released for the iPad, according to Romanian security company BitDefender. "It is very important to keep the software on your iPad updated for best performance, newer features and security," the message reads. "To get the latest version of iTunes software, please go to ... and install the application."
The link in the message leads to a copycat of the legitimate iTunes download site, where users are asked to approve the download of a file dubbed "itunessetup.exe."
The file masquerading as the iTunes update is actually a Trojan horse that injects code into Windows' "explorer.exe" process and opens a backdoor for hackers, who then use that entrance to add more malware to the PC. The "Backdoor.Bifrose.AADY" Trojan also tries to snatch activation keys from various programs on the hacked machine and steals passwords for instant messaging clients and e-mail accounts.
Apple last refreshed the Windows and Mac software on March 30, when it updated iTunes to version 9.1; it has yet to release an update for the iPad.
"The trick is pretty simple," said Catalin Cosoi, senior antivirus and malware researcher for BitDefender. "When you have the iPad you do expect to receive messages, maybe not e-mail, but messages of some sort [from Apple] that 'We have finished an update, you have to get this update,'" Cosoi added. "They're clever to do it this way."
But because Mac users are not vulnerable to the attack, even if they head to the bogus iTunes download site, the impact of the malware-planting campaign will likely be low, Cosoi said. "If they were able to target Mac customers, it would have spread like wildfire, but because most antivirus companies detect this [Trojan], it's aimed at Windows users who have bought an iPad and who also don't run a security product."
Cosoi was unable to quantify the extent of the spam campaign, but speculated that if it mimicked others, it would be large and of short duration to trick as many people in the relatively small pool of possible victims as possible before the news got out.
Previously, Apple said it had sold more than half a million iPads in the first week of availability, although that number included all pre-orders of the WiFi-only models, which were delivered to customers April 3. However, other estimates, including one by Chitika Research, now put iPad sales above the 1 million mark.
- Apple plays hardball with iPad Mini reveal
- Apple breezes to PC sales' top spot as Windows share decays
- Analyst tallies perks of September launch of new iPhone, iPad
- Analyst predicts stellar iPad sales in next week's Apple earnings
- Nexus 7 holds up better than iPad in drop, water-dunk tests
- With iPad Mini, Apple would remain tablet king through '16, says IDC
- Apple demands ipad3.com domain
- Chrome for iOS snatches top spot on App Store
- iPad in the Enterprise: IT Must Stay Ahead of the Curve
- Skepticism mounts over Windows RT's enterprise role
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Cybersecurity Imperatives Reinvent Your Network Security With Palo Alto Networks The Rise of CyberSecurity
- 10 Things Your Next Firewall Must do Next-Generation Firewalls Defined
- Firewall Buyers Guide Operate as the core of your network security infrastructure
- Getting Started With a Zero Trust Approach to Network Security The Traditional Approach to Network Security is Failing. View Now>>
- Webinar: Building a Big Data solution that's production-ready Big data solutions are no longer just a nice-to-have.
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well... All Macintosh White Papers | Webcasts