Backdoor Malware Targets Apple iPad

← Back to Stories (view on slashdot.org)

Backdoor Malware Targets Apple iPad

Posted by CmdrTaco on Tuesday April 27, 2010 @01:04AM from the that-didn't-take-long dept.

An anonymous reader writes "Apple iPad users are being warned of an email-borne threat which could give hackers unauthorised access to the device. The threat arrives via an unsolicited email urging the recipient to download the latest version of iTunes as a prelude to updating their iPad software. Apart from opening up a backdoor, it also tries to read the keys and serial numbers of the software installed on the device, and logs the passwords to any webmail, IM or protected storage accounts."

13 of 196 comments (clear)

Min score:

Reason:

Sort:

Wrong wrong wrong... by richy+freeway · 2010-04-27 01:04 · Score: 5, Informative

This DOESN'T infect the iPad at all. It targets the idiots who bought an iPad but it is a WINDOWS virus.

See here for further details : http://www.theregister.co.uk/2010/04/26/ipad_backdoor/
1. Re:Wrong wrong wrong... by drewhk · 2010-04-27 01:10 · Score: 4, Informative
  
  Why modded Flamebait??
  http://news.bitdefender.com/NW1493-world--iPad-Users-Targeted-by-Backdoor-Dissembled-as-iTunes-Update.html
2. Re:Wrong wrong wrong... by alphad0g · 2010-04-27 01:18 · Score: 5, Informative
  
  I concur. Article is incorrect and Slashdot just regurgitated it. At least the blog post by the original author is correct. A Windows trojan - nothing else.
3. Re:Wrong wrong wrong... by Wingsy · 2010-04-27 04:03 · Score: 3, Informative
  
  I read the original blog from the original author, and he said, "Backdoor.Bifrose.AADYattempts to read the keys and serial numbers of the various software installed on the affected computer, while also logging the passwords to the victim's ICQ, Messenger, POP3 mail accounts, and protected storage."
  
  Nowhere does it imply that any information being sent from the windows machine to the iPad is being read or intercepted. It's just your typically hosed Windows box.
  
  --
  If I didn't have absolutely NOTHING to do, I wouldn't be here.
4. Re:Wrong wrong wrong... by BasilBrush · 2010-04-27 08:37 · Score: 2, Informative
  
  (some actually think that removing features makes a product better, and adding features makes a product worse - seen in an iPhone vs. N900 review).
  Yes. People with good taste.
Re:exactly why... by lord_rotorooter · 2010-04-27 01:12 · Score: 5, Informative

This does not actually affect the IPad but rather is an attack to get Windows users to install an "update" for ITunes. The "update" is malware for Windows and is targeted at people who own an IPad and sync it with Windows.
Clarification... by clone53421 · 2010-04-27 01:14 · Score: 3, Informative

An e-mail, purporting to be from Apple, informs people that their iPad needs to be updated. Steps given for updating your iPad:
1) Download an iTunes update for Windows (itunes.exe) and install;
2) Connect your iPad to the Windows computer;
3) Select iPad in the iTunes sidebar;
4) Click “Check for update” then “Update” to finish updating your iPad’s software.
Note that there’s no legitimate reason that you’d ever need to connect the iPad to a second computer to update it. It has its own internet connection.
Needless to say, your Windows computer will be infected with the virus if you execute the itunes.exe that you were instructed to download and install. It appears that your iPad will be none the worse for having an idiot for an owner.

--
Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
Updates *are* done over USB by danaris · 2010-04-27 01:18 · Score: 4, Informative

Note that there’s no legitimate reason that you’d ever need to connect the iPad to a second computer to update it. It has its own internet connection.
Now, I don't have an iPad, so I don't know how they're updated, but the iPhone and iPod touch, which also have their own internet connections, get software updates through iTunes, over USB.
This is how it's always been done.
Dan Aris

--
Fun. Free. Online. RPG. BattleMaster.
1. Re:Updates *are* done over USB by tgd · 2010-04-27 01:30 · Score: 2, Informative
  
  Why is simple -- it replaces the firmware, by booting the phone into a mode where the firmware can be updated via USB (and the OS isn't running).
  You can't easily upgrade an OS out from under itself.
2. Re:Updates *are* done over USB by Brandee07 · 2010-04-27 01:40 · Score: 2, Informative
  
  A few points:
  -AT&T doesn't like downloads over their network larger than 10MB in size. If you buy an app larger than that, it'll tell you to find a WiFi connection and try again. Some of the previous iPhone software updates have been a few hundred megabytes - try downloading that over 3G in a reasonable amount of time.
  -Plugging in to a computer before updating the software forces the user to make a backup. The otherwise stand-alone nature of the iPhone makes it rare for me to plug my phone in to my computer, so updates are just about the only time I actually do back up my phone.
Re:exactly why... by TheKidWho · 2010-04-27 01:21 · Score: 1, Informative

The target isn't the iPad, it's the windows box.
Re:Write misleading headlines much.. by shadowrat · 2010-04-27 01:30 · Score: 2, Informative

the con targets iPad users. the software targets windows.
Re:Write misleading headlines much.. by quadelirus · 2010-04-27 01:35 · Score: 4, Informative

Not just the summary. The article itself is misleading (it doesn't once mention that the virus effects Windows PCs and not iPads). This one: http://www.tgdaily.com/mobility-features/49519-nefarious-ipad-virus-masquerades-as-itunes-update is slightly better, as it doesn't fail to mention the fact that Windows PCs are being infected and not iPads. The iPad is only the phishing-hook to get a user to click the link (something like: you need to update your iTunes for your new iPad, click here to do so...)