Slashdot Mirror
Backdoor Malware Targets Apple iPad
An anonymous reader writes "Apple iPad users are being warned of an email-borne threat which could give hackers unauthorised access to the device. The threat arrives via an unsolicited email urging the recipient to download the latest version of iTunes as a prelude to updating their iPad software. Apart from opening up a backdoor, it also tries to read the keys and serial numbers of the software installed on the device, and logs the passwords to any webmail, IM or protected storage accounts."
This DOESN'T infect the iPad at all. It targets the idiots who bought an iPad but it is a WINDOWS virus.
See here for further details : http://www.theregister.co.uk/2010/04/26/ipad_backdoor/
It's not just the headline, it's the summary and the article too!
This does not actually affect the IPad but rather is an attack to get Windows users to install an "update" for ITunes. The "update" is malware for Windows and is targeted at people who own an IPad and sync it with Windows.
Yes well, this virus is infecting a Windows PC, so much for that.
An e-mail, purporting to be from Apple, informs people that their iPad needs to be updated. Steps given for updating your iPad:
1) Download an iTunes update for Windows (itunes.exe) and install;
2) Connect your iPad to the Windows computer;
3) Select iPad in the iTunes sidebar;
4) Click “Check for update” then “Update” to finish updating your iPad’s software.
Note that there’s no legitimate reason that you’d ever need to connect the iPad to a second computer to update it. It has its own internet connection.
Needless to say, your Windows computer will be infected with the virus if you execute the itunes.exe that you were instructed to download and install. It appears that your iPad will be none the worse for having an idiot for an owner.
Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
Reminds me of that line from "Absence of Malice" that "everything they said was accurate but none of it was true".
I'm disappointed that there have been no Apple User/Backdoor jokes in this story yet. I'll check back in an hour. Don't kill my faith in /.
"I don't have to think. I only have to do it. The results are always perfect, but that's old news." - Meat Puppets
Note that there’s no legitimate reason that you’d ever need to connect the iPad to a second computer to update it. It has its own internet connection.
Now, I don't have an iPad, so I don't know how they're updated, but the iPhone and iPod touch, which also have their own internet connections, get software updates through iTunes, over USB.
This is how it's always been done.
Dan Aris
Fun. Free. Online. RPG. BattleMaster.
If you want to get really pedantic, the target isn't even the Windows box. It's the user's information and the profits that can be gleaned either directly or indirectly from aggregating such information from millions of such users.
I'm guessing that the rationale behind this is that people who snap up the iPad are trend-following sheep with more money than sense who are "easy marks" and thus more likely to fall for a "social engineering" attack such as this one.
Official Heretic from the "Church of Global Warming". Proven right thanks to whistle blowers. AGW = Flat Earth Theory
the con targets iPad users. the software targets windows.
Not just the summary. The article itself is misleading (it doesn't once mention that the virus effects Windows PCs and not iPads). This one: http://www.tgdaily.com/mobility-features/49519-nefarious-ipad-virus-masquerades-as-itunes-update is slightly better, as it doesn't fail to mention the fact that Windows PCs are being infected and not iPads. The iPad is only the phishing-hook to get a user to click the link (something like: you need to update your iTunes for your new iPad, click here to do so...)