The message claims an update to iTunes has been released for the new handheld computer and directs the recipient to a site claiming to feature the new program.
Instead, it installs a file named 'itunessetup.exe' that gives hackers remote access to the machine.
Romanian security company BitDefender
discovered the security breach.The message reads: 'It is very important to keep the software on your iPad updated for best performance, newer features and security. To get the latest version of iTunes software, please go to... and install the application.'
The file adds code into Windows' 'explorer.exe' process and opens a backdoor for hackers, who then use that entrance to add more malware to the PC.
It also tries to snatch activation keys from various programs on the hacked machine and steals passwords for instant messaging and email.
The last legitimate update to iTunes was released on March 30, and Apple has yet to release an update for the iPad.
'The trick is pretty simple,' Catalin Cosoi from BitDefender told Computerworld. 'When you have the iPad you do expect to receive messages, maybe not e-mail, but messages of some sort [from Apple] that "We have finished an update, you have to get this update". They're clever to do it this way.
'If they were able to target Mac customers, it would have spread like wildfire, but because most antivirus companies detect this [Trojan], it's aimed at Windows users who have bought an iPad and who also don't run a security product.'
More than one million iPads have been sold since their release.
Mac users are not at risk from the Trojan.
[via Mail Online]
0 comments:
Post a Comment