Windows Malware Disguised as iTunes Update Targets iPad Owners


On its Malware City blog, antivirus firm BitDefender notes that malware creators have begun to take advantage of the hype surrounding Apple's new iPad tablet device as a means of social engineering to encourage users to download their malicious software disguised as an iTunes update.

Identified by BitDefender as Backdoor.Bifrose.AADY,the piece of malicious code inadvertently downloaded injects itself in to the explorer.exe process and opens up a backdoor that allows unauthorized access to and control over the affected system.

Moreover, Backdoor.Bifrose.AADYattempts to read the keys and serial numbers of the various software installed on the affected computer, while also logging the passwords to the victim's ICQ, Messenger, POP3 mail accounts, and protected storage.

The malware is advertised in the form of an awkwardly-worded email message and includes a link to a site formatted similarly to Apple's iTunes download page but hosting the malicious software.

The report is careful to note that the malware in question only targets Windows, and thus users of Mac OS X are unaffected. The iPad itself is also unaffected by the malware, as its mention is simply used to entice its owner to download the infected software.