iPad users targeted by backdoor dissembled as iTunes update

May 2010 Cyber Security

An e-mail invitation to an iTunes update gets iPad users’ PCs into backdoor trouble. 

Success stories are cybercriminals’ go to sources of victims and the iPad craze could not have been left out of this picture.  According to some reports, Apple sold 150 000 iPads in the first 60 hours of presale availability, with almost 100 000 of these coveted devices being pre-ordered in the first 10 hours. The figures make it clear as daylight why malware creators were so keen on crashing this promising party.

The invitation to the 'contagious fiesta' comes via the e-mail: an unsolicited message instructs iPad users to download on their PCs the latest version of the iTunes software as a preliminary step to an update of their iPad software.

Figure 1. The fake iPad software update announcement
Figure 1. The fake iPad software update announcement

To carry conviction, the e-mail emphasises that users should keep their iPad software updated 'for best performance, newer features and security'.

It goes on to clarify the multistep procedure by pointing out that in order for the update to be performed the latest version of iTunes should first be downloaded from the Internet. A direct link to the download location is conveniently provided. As a proof of cybercrime finesse, the webpage the users are directed to is a perfect imitation of the one they would use for legitimate iTunes software downloads.

Unfortunately for these users, following the malicious link means opening up a direct line to their sensitive data as instead of the promised iTunes update they get malware on their systems.

Figure 2. The download  that will turn the update into a nightmare
Figure 2. The download that will turn the update into a nightmare

Identified by BitDefender as Backdoor.Bifrose.AADY, the piece of malicious code inadvertently downloaded injects itself in to the explorer.exe process and opens up a backdoor that allows unauthorised access to and control over the affected system.

Moreover, Backdoor.Bifrose.AADY attempts to read the keys and serial numbers of the various software installed on the affected computer, while also logging the passwords to the victim’s ICQ, Messenger, POP3 mail accounts, and protected storage.

It is important to say that Mac users remain unaffected by this piece of malware.

For more information contact Alina Anton, senior PR and marketing coordinator, EMEA & APAC Business Unit, BitDefender, +40 212 063 470, aanton@bitdefender.com, www.bitdefender.com





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Introducing adaptive active adversary
Cyber Security Products
New adaptive active adversary protection; Linux malware protection enhancements; account health check capabilities; an integrated zero trust network access (ZTNA) agent for Windows and macOS devices; and improved frontline defences against advanced cyberthreats and streamline endpoint security management.

Read more...
Eleven steps to an effective ransomware response checklist
Editor's Choice Cyber Security
Anyone is a viable target for ransomware attacks and should have a plan in place to deal with a worst-case scenario. Fortinet offers this ransomware attack response checklist to effectively deal with an active ransomware attack.

Read more...
Blurring the lines between data management and cybersecurity
Cyber Security IT infrastructure
In the past, data management and cybersecurity would fall under separate domains, but with more organisations making the shift to the cloud, data management and data protection have merged, essentially blurring the lines between the two.

Read more...
Recession? Do not skimp on cybersecurity
Cyber Security Security Services & Risk Management
While economists are studying their crystal balls, businesses have to prepare for the worst, and preparing for a recession means cutting costs and refocusing resources; however, they must ensure they do not end up creating an enormous risk.

Read more...
Organisations are increasing modern data protection for cloud workloads
Cyber Security
The Veeam Cloud Protection Trends Report for 2023 identifies what is driving IT leaders to change strategies, roles and methods related to both production and protection of cloud-hosted workloads.

Read more...
Cybersecurity in Africa: The challenges and solutions
Training & Education Cyber Security
Africa faces a significant challenge when it comes to the availability and distribution of cybersecurity talent and secure IT infrastructures. Facing this challenge will require supporting and nurturing the next generation of security graduates and professionals.

Read more...
Zero Trust to dominate 2023
Cyber Security Access Control & Identity Management
Traditional ways of safeguarding data are no longer sufficient in 2023. Zero Trust has emerged as a more proactive way for businesses to keep their systems, data, and networks protected against compromise.

Read more...
Cybersecurity in 2023
Technews Publishing Gallagher Cyber Security
What is on the cybersecurity menu in 2023? Hi-Tech Security Solutions offers two views from industry players on the risk environment and what to look out for in the cyber world in the coming year.

Read more...
Hardening physical security against cyberattacks
Genetec Editor's Choice Cyber Security IT infrastructure
As the world becomes increasingly interconnected through the move to cloud computing and Internet of Things (IoT) devices, cybercrime has risen steadily, along with tools to combat it. Geopolitical tensions have the potential to rapidly unleash devastating cyberattacks worldwide.

Read more...
Fast, reliable and secure cloud services
Technews Publishing Editor's Choice Cyber Security IT infrastructure
Security and speed are critical components of today’s cloud-based services infrastructure. Cloudflare offers a range of services supporting these goals beyond what most people think it does.

Read more...