You Are Here: Home » E-Threats » Alerts » iPad Users Targeted by Backdoor Dissembled as iTunes Update

iPad Users Targeted by Backdoor Dissembled as iTunes Update

Success stories are cybercriminals’ go to sources of  victims and the iPad craze couldn’t have been left out of this picture.  According to some reports, Apple sold 150.000 iPads in the first 60 hours of presale availability, with almost 100.000 of these coveted devices being pre-ordered in the first 10 hours. The figures make it clear as daylight why malware creators were so keen on crashing this promising party.

The invitation to the “contagious fiesta” comes via the e-mail: an unsolicited message instructs iPad users to download on their PCs the latest version of the iTunes software as a preliminary step to an update of their iPad software.

iPad Spam

Fig. 1 The fake iPad software update announcement

To carry conviction, the e-mail emphasizes that  users should keep their iPad software updated “for best performance, newer features and security”.

It goes on to clarify the multi-step procedure by pointing out that in order for the update to be performed the latest version of iTunes should first be downloaded from the Internet. A direct link to the download location is conveniently provided. As a proof of cybercrime finesse, the webpage the users are directed to is a perfect imitation of the one they would use for legitimate iTunes software downloads.

Unfortunately for these users, following the malicious link means opening up a direct line to their sensitive data as instead of the promised iTunes update they get malware on their systems.

phishing apple itunes download

Fig. 2 The download  that will turn the update into a nightmare

Identified by BitDefender as Backdoor.Bifrose.AADY,the piece of malicious code inadvertently downloaded injects itself in to the explorer.exe processand opens up a backdoor that allows unauthorized access to and control over the affected system.

Moreover, Backdoor.Bifrose.AADYattempts to read the keys and serial numbers of the various software installed on the affected computer, while also logging the passwords to the victim’s ICQ, Messenger, POP3 mail accounts, and protected storage.

It is important to say that Mac users remain unaffected by this piece of malware.

About The Author

Sabina Datcu, PhD has background training in Applied Informatics and Statistics, Biology and Foreign Languages and Literatures. In 2003 she obtained a master degree in Systems Ecology and in 2009 a PhD degree in Applied Informatics and Statistics. Since 2001, she was involved in University of Bucharest’s FP 5 and FP6 European projects, as researcher in Information and Knowledge Management field. In 2009, she joined the E-Threat Analysis and Communication Team at BitDefender as technology writer and researcher, and started to write a wide range of IT&C security-related content, from malware, spam and phishing alerts to technical whitepapers and press releases.

Number of Entries : 48

Leave a Comment

© 2012 Powered By Bitdefender

x
Loading...
Scroll to top