Apple iPad Users Targeted By Malware

Updated: Reports of a first “iPad virus” turn out to be simply a phishing email aimed at Windows users with iPads

It did not take long for malware creators to crash the Apple iPad party. Today it emerged that the tablet device is being targeted by a scamware designed to hijack their PCs.

Anti virus specialist BitDefender has identified a phishing exploit that is currently targeting iPad users, in a bid to  fool them into compromising their Windows PCs. This is no surprise: with around 600,000 iPads sold since its release, there are plenty of victims out there, presumably so excited with their  new device  that their defences are down. iPad demand has meant a delay to the device’s arrival in the UK, and plans to ramp up production of the tablet to meet demand.

Fake Email

Disguised as an email invitation to download the latest version of iTunes, the email entitled “iPad software updates” contains a hyperlink to trap the unwary.

“Hello iPad user,” begins the email. “There were released updates for software installed on your iPad device. It is very important to keep the software on your iPad updated for the best performance, newer features, and security,” the email cheekily reads.

If the user does click on the malicious hyperlink, a perfect imitation of the one they would use for legitimate iTunes software downloads appears, but malware is instead downloaded and sensitive data is exposed.

BitDefender has identified the virus as Backdoor.Bifrose.AADY a Windows virus which “injects itself into the explorer.exe process and opens up a backdoor that allows unauthorised access to, and control over the affected system.”

“Moreover, Backdoor.Bifrose.AADY attempts to read the keys and serial numbers of the various software installed on the affected computer while also logging the passwords to the victim’s ICQ, Messenger, POP3 mail accounts, and protected storage,” warned the security vendor.

It seems that this affects Windows users only and “Mac users remain unaffected by this piece of malware.”

Beware Hyperlinks

“A direct link to the download location is conveniently provided,” wrote BitDefender’s Sabina Datcu, in a blog post. “As a proof of cyber crime finesse, the web page the users are directed to is a perfect imitation of the one they would use for legitimate iTunes software downloads.”

“Unfortunately for these users, following the malicious link means opening up a direct line to their sensitive data, as instead of the promised iTunes update they get malware on their systems,” Datcu warned.

UK users will now only be able to pre-order the device from 10 May, and the tablet will only hit UK shelves in late May. Indeed, both Vodafone and O2 said they would announce dedicated iPad price plans at the end of May, reinforcing the late international appearance of the tablet.