Back to Newsroom

26 April 2010

Email invitation to an iTunes update gets iPad users� PCs into backdoor trouble

With more than 600,000 iPads sold since its introduction, it�s clear as why malware creators have been interested in crashing this promising party, warns BitDefender�.

This particular threat comes in the form of an unsolicited e-mail, promising to keep iPad software updated �for best performance, newer features and security�. Via a conveniently provided link, the email instructs iPad users to download the latest version of iTunes software to their PCs as a preliminary step to update their iPad software. The download page to which users are directed is a perfect imitation of the one they would use for legitimate iTunes software downloads.

Identified by BitDefender as Backdoor.Bifrose.AADY, this piece of malicious code inadvertently downloaded injects itself in to the explorer.exe process and opens up a backdoor that allows unauthorized access to and control over the affected system.

Moreover, Backdoor.Bifrose.AADY attempts to read the keys and serial numbers of the various software installed on the affected computer, while also logging the passwords to the victim�s ICQ, Messenger, POP3 mail accounts, and protected storage.

It is important to say that Mac users remain unaffected by this piece of malware.

To avoid falling victim to this threat and others, BitDefender recommends the following five security tips:


  • Do not download or save files from sources you don't know; use only the producer�s official website (www.apple.com) in order to download software for your iPad
  • Install and activate a reliable antimalware, firewall solution and spam filter
  • Update your antimalware, firewall and spam filter as frequently as possible, with the latest virus virus definitions and suspicious application/file signatures
  • Run a complete antimalware scan before opening or copying any file to your system, even if the file comes from a trusted source
  • Scan your system frequently

 Share

Contacts