IT in Manufacturing


iPad users targeted by backdoor dissembled as iTunes update

May 2010 IT in Manufacturing

An e-mail invitation to an iTunes update gets iPad users’ PCs into backdoor trouble. 

Success stories are cybercriminals’ go to sources of victims and the iPad craze could not have been left out of this picture.  According to some reports, Apple sold 150 000 iPads in the first 60 hours of presale availability, with almost 100 000 of these coveted devices being pre-ordered in the first 10 hours. The figures make it clear as daylight why malware creators were so keen on crashing this promising party.

The invitation to the 'contagious fiesta' comes via the e-mail: an unsolicited message instructs iPad users to download on their PCs the latest version of the iTunes software as a preliminary step to an update of their iPad software.

Figure 1. The fake iPad software update announcement
Figure 1. The fake iPad software update announcement

To carry conviction, the e-mail emphasises that users should keep their iPad software updated 'for best performance, newer features and security'.

It goes on to clarify the multistep procedure by pointing out that in order for the update to be performed the latest version of iTunes should first be downloaded from the Internet. A direct link to the download location is conveniently provided. As a proof of cybercrime finesse, the webpage the users are directed to is a perfect imitation of the one they would use for legitimate iTunes software downloads.

Unfortunately for these users, following the malicious link means opening up a direct line to their sensitive data as instead of the promised iTunes update they get malware on their systems.

Figure 2. The download that will turn the update into a nightmare
Figure 2. The download that will turn the update into a nightmare

Identified by BitDefender as Backdoor.Bifrose.AADY, the piece of malicious code inadvertently downloaded injects itself in to the explorer.exe process and opens up a backdoor that allows unauthorised access to and control over the affected system.

Moreover, Backdoor.Bifrose.AADY attempts to read the keys and serial numbers of the various software installed on the affected computer, while also logging the passwords to the victim’s ICQ, Messenger, POP3 mail accounts, and protected storage.

It is important to say that Mac users remain unaffected by this piece of malware.

For more information contact Alina Anton, senior PR and marketing coordinator, EMEA & APAC Business Unit, BitDefender, +40 212 063 470, [email protected], www.bitdefender.com





Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Addressing the cooling needs of the modern data centre
Schneider Electric South Africa IT in Manufacturing
The rise in hardware density in data centres is gaining speed and is largely driven by the demands of artificial intelligence and machine learning, requiring more powerful servers and specialised hardware.

Read more...
South Africa’s next cyber security frontier
IT in Manufacturing
AI-powered agents are rapidly transforming how South African businesses operate, from chatbots managing customer inquiries to automated systems processing financial transactions. While these AI-driven assistants increase efficiency and reduce operational costs, they also present a new, and often underestimated, cybersecurity challenge: identity management.

Read more...
Bombardier expands adoption of Siemens Xcelerator for aircraft developmen
Siemens South Africa IT in Manufacturing
Bombardier has expanded its adoption of the Siemens Xcelerator portfolio of industry software for aircraft development.

Read more...
The DeepSeek effect: navigating AI’s new frontier
IT in Manufacturing
DeepSeek has emerged as a game-changer in artificial intelligence, offering a robust platform redefining how businesses approach AI integration. This change is especially important since it opens up AI to a wider range of organisations, including small and medium-sized enterprises that could have previously been priced out of the market.

Read more...
Automation, is it 2049 already?
Schneider Electric South Africa IT in Manufacturing
It would come as no surprise that AI and ML are at the forefront of the increased efficiency movement, and are vital cogs in this sophisticated automated machine. A development that is extremely exciting, is autonomous systems.

Read more...
Agentic AI: are we building castles on quicksand?
IT in Manufacturing
Artificial Intelligence is in a strange spot. With the explosion of AI tools and applications, we find ourselves teetering between two inseparable yet intertwined paths – the promise of extraordinary capability and the peril of unmitigated risk.

Read more...
There’s a reason the A stands for Advanced in APC
Schneider Electric South Africa IT in Manufacturing
Today’s mineral processing companies face almost universal challenges, efficiently managing resources and high energy consumption, environmental compliance, barriers to technological adoption and the perpetual shortage of skilled labour. While there’s no miracle intervention, there are undoubtedly solutions that improve the above, and one is Advanced Process Control.

Read more...
Digital twins in manufacturing
Schneider Electric South Africa IT in Manufacturing
Digital twin technology can help create better products, fast. It can transform the work of product development too.

Read more...
New generative AI-powered maintenance offering
Siemens South Africa IT in Manufacturing
The Siemens Industrial Copilot is revolutionising industry by enabling customers to leverage generative AI across the entire value chain – from design and planning to engineering, operations and services.

Read more...
Building resilience in extreme environments
ACTOM Electrical Machines IT in Manufacturing
Extreme temperatures, corrosive substances and high pressures are just a few of the elements that make up the unforgiving operational environments characteristic of the petrochemical and oil and gas sectors. A proactive and nuanced approach to industrial maintenance is no longer optional for organisations, it is an absolute necessity to avoid disruptions and create the right conditions for success.

Read more...