
Spammers latch onto iPad phenomenon with malicious iTunes update

Email invitation gives spammers access to sensitive data 

SYDNEY & AUCKLAND – 27 April 2010 – Spammers have latched onto the recent iPad phenomenon as a means to spread malicious links. The latest attack attempts to log the serial numbers and logins of installed programs, including instant messenger and email accounts.

This week, BitDefender has found unsolicited emails indiscriminately targeting people who may or may not be iPad users. The email instructs computer users to download the latest version of iTunes as a first step to a purported iPad software update. The embedded download link for iTunes is dubious, though: it directs users to a convincing mock-up of the Apple iTunes download page. The download contains Backdoor.Bifrose.AADY, a piece of malicious code that injects itself into the explorer.exe process and opens a backdoor allowing unauthorised access to and control of the infected system.

Above: The fake iPad software update announcement

The email spells out the multi-step procedure for upgrading the iPad’s software, pointing out that the latest version of iTunes must be downloaded first for the update to be performed. A direct link to the download is conveniently provided.

To stay safe, BitDefender recommends that computer users follow the five security tips below:

  • Do not download or save files from sources you do not know, even if an email purports to be from the official source.
  • Use only the software vendor’s official website (i.e. http://www.apple.com) to download software for your iPad.
  • Install and activate a reliable antimalware solution, firewall and spam filter.
  • Enable automatic updates for your antimalware, firewall and spam filter so that they have the latest virus definitions and application/file signatures.
  • Run an antimalware scan before opening or copying any files to your system, even if the file comes from a trusted source.