iPad users targeted by backdoor dissembled as iTunes update
May 2010
IT in Manufacturing
An e-mail invitation to an iTunes update gets iPad users’ PCs into backdoor trouble.
Success stories are cybercriminals’ go to sources of victims and the iPad craze could not have been left out of this picture. According to some reports, Apple sold 150 000 iPads in the first 60 hours of presale availability, with almost 100 000 of these coveted devices being pre-ordered in the first 10 hours. The figures make it clear as daylight why malware creators were so keen on crashing this promising party.
The invitation to the 'contagious fiesta' comes via the e-mail: an unsolicited message instructs iPad users to download on their PCs the latest version of the iTunes software as a preliminary step to an update of their iPad software.
Figure 1. The fake iPad software update announcement
To carry conviction, the e-mail emphasises that users should keep their iPad software updated 'for best performance, newer features and security'.
It goes on to clarify the multistep procedure by pointing out that in order for the update to be performed the latest version of iTunes should first be downloaded from the Internet. A direct link to the download location is conveniently provided. As a proof of cybercrime finesse, the webpage the users are directed to is a perfect imitation of the one they would use for legitimate iTunes software downloads.
Unfortunately for these users, following the malicious link means opening up a direct line to their sensitive data as instead of the promised iTunes update they get malware on their systems.
Figure 2. The download that will turn the update into a nightmare
Identified by BitDefender as Backdoor.Bifrose.AADY, the piece of malicious code inadvertently downloaded injects itself in to the explorer.exe process and opens up a backdoor that allows unauthorised access to and control over the affected system.
Moreover, Backdoor.Bifrose.AADY attempts to read the keys and serial numbers of the various software installed on the affected computer, while also logging the passwords to the victim’s ICQ, Messenger, POP3 mail accounts, and protected storage.
It is important to say that Mac users remain unaffected by this piece of malware.
For more information contact Alina Anton, senior PR and marketing coordinator, EMEA & APAC Business Unit, BitDefender, +40 212 063 470, [email protected], www.bitdefender.com
Further reading:
Enhancing cyber security for industrial drives
Siemens South Africa
IT in Manufacturing
The growing connection between production networks and office networks as part of IT/OT integration and the utilisation of IoT have many benefits for industrial companies. At the same time, they also increase the risk of cyber threats. Siemens ensures that your know-how and plants are protected at all times.
Read more...
Immersion cooling systems for data centres
IT in Manufacturing
The demand for data centres in Africa is growing. The related need for increasing rack densities brings with it escalating cooling requirements.
Read more...
Transforming pulp and paper with automation and digitalisation
ABB South Africa
IT in Manufacturing
The pulp and paper industry in South Africa is undergoing a significant transformation from traditional manual processes to embracing automation technologies. Automation in pulp and paper mills aims to improve various production stages, from raw material preparation to final product creation.
Read more...
New world of process control: A completely web-based process control system
Siemens South Africa
IT in Manufacturing
Control technology is crucial for gaining a competitive edge in the process industry. That’s why there’s SIMATIC PCS neo - the innovative ground-breaking process control system by Siemens.
Read more...
Protecting industrial networks with resilient defence
RJ Connect
IT in Manufacturing
Network security is no longer just about preventing hacking or data breaches. For operational technology networks, resilient defence and consistent uptime are crucial. They are the core tenets that underpin Moxa’s guarded uptime and resilient defence (GUARD).
Read more...
The metaverse is now: are you ready to reimagine your business?
IT in Manufacturing
The convergence of the digital and physical worlds, driven by spatial computing and the metaverse, is rapidly reshaping business landscapes. This transformation extends beyond the mere novelty of virtual reality headsets and augmented reality filters, signalling a fundamental shift in how organisations operate, collaborate and innovate.
Read more...
AI and cyber security: South Africa’s next battleground
IT in Manufacturing
Artificial intelligence is rapidly becoming a double-edged sword in the world of cybersecurity. In South Africa, where cybercrime is on the rise, AI presents both an opportunity and a threat.Artificial intelligence is rapidly becoming a double-edged sword in the world of cybersecurity. In South Africa, where cybercrime is on the rise, AI presents both an opportunity and a threat.
Read more...
Technology won’t save your business from cyber threats
IT in Manufacturing
Artificial Intelligence is reshaping the landscape of information security, presenting both unprecedented opportunities and significant new threats.
Read more...
Addressing the cooling needs of the modern data centre
Schneider Electric South Africa
IT in Manufacturing
The rise in hardware density in data centres is gaining speed and is largely driven by the demands of artificial intelligence and machine learning, requiring more powerful servers and specialised hardware.
Read more...
South Africa’s next cyber security frontier
IT in Manufacturing
AI-powered agents are rapidly transforming how South African businesses operate, from chatbots managing customer inquiries to automated systems processing financial transactions. While these AI-driven assistants increase efficiency and reduce operational costs, they also present a new, and often underestimated, cybersecurity challenge: identity management.
Read more...
printer friendly version