Apple admits to have shipped video iPods infected with Windows malware.
The company confirmed in a statement on its website that a small number - less than 1% of the video iPods available for purchase after 12 September 2006, shipped from a contract manufacturer in China, carry a malicious file called RavMonE.exe.
"This known virus affects only Windows computers, and up to date antivirus software which is included with most Windows computers should detect and remove it. So far we have seen fewer than 25 reports concerning this problem. The iPod nano, iPod shuffle and Mac OS X are not affected, and all video iPods now shipping are virus free. As you might imagine, we are upset at Windows for not being more hardy against such viruses, and even more upset with ourselves for not catching it." Apple stated.
Graham Cluley, senior technology consultant at security firm Sophos, said "It is most likely that some of the video iPods were plugged into a Windows PC for testing purposes at Apple's Chinese contractor's manufacturing plant, which is why only some of them are infected.
"However, unfortunately, if you have bought a video iPod in the past month there is a chance that it could have a Windows virus on it."
Sophos claimed that Apple is not presently displaying the correct name for the malware on its website, referring to it instead as the RavMonE.exe Windows virus. The malware is "more likely to be a member of the RJump virus family", according to the security firm.
"There are a number of different pieces of malware which use a file called RavMonE.exe so we do not know at the moment precisely which Trojan or virus may have been shipped," said Cluley.
"The name RavMonE.exe actually comes from a perfectly legitimate program called RAV Anti-Virus so it would be wrong to call a piece of malware by this name. Hackers sometimes spoof the names of legitimate programs to cause greater confusion."
McAfee however, explains that W32/Rjump.worm is a worm written using the Python scripting language and was converted into a windows portable executable file using the Py2Exe tool. It attempts to spread by coping itself to mapped and removable storage drives and also opens a backdoor on an infected system.
Earlier this week it was reported that the Japanese subsidiary of McDonald's was recalling 10,000 MP3 players distributed as a giveaway. The fast food giant had discovered that a spyware Trojan was contained on the devices.
>> How to remove the Windows virus
The company confirmed in a statement on its website that a small number - less than 1% of the video iPods available for purchase after 12 September 2006, shipped from a contract manufacturer in China, carry a malicious file called RavMonE.exe.
"This known virus affects only Windows computers, and up to date antivirus software which is included with most Windows computers should detect and remove it. So far we have seen fewer than 25 reports concerning this problem. The iPod nano, iPod shuffle and Mac OS X are not affected, and all video iPods now shipping are virus free. As you might imagine, we are upset at Windows for not being more hardy against such viruses, and even more upset with ourselves for not catching it." Apple stated.
Graham Cluley, senior technology consultant at security firm Sophos, said "It is most likely that some of the video iPods were plugged into a Windows PC for testing purposes at Apple's Chinese contractor's manufacturing plant, which is why only some of them are infected.
"However, unfortunately, if you have bought a video iPod in the past month there is a chance that it could have a Windows virus on it."
Sophos claimed that Apple is not presently displaying the correct name for the malware on its website, referring to it instead as the RavMonE.exe Windows virus. The malware is "more likely to be a member of the RJump virus family", according to the security firm.
"There are a number of different pieces of malware which use a file called RavMonE.exe so we do not know at the moment precisely which Trojan or virus may have been shipped," said Cluley.
"The name RavMonE.exe actually comes from a perfectly legitimate program called RAV Anti-Virus so it would be wrong to call a piece of malware by this name. Hackers sometimes spoof the names of legitimate programs to cause greater confusion."
McAfee however, explains that W32/Rjump.worm is a worm written using the Python scripting language and was converted into a windows portable executable file using the Py2Exe tool. It attempts to spread by coping itself to mapped and removable storage drives and also opens a backdoor on an infected system.
Earlier this week it was reported that the Japanese subsidiary of McDonald's was recalling 10,000 MP3 players distributed as a giveaway. The fast food giant had discovered that a spyware Trojan was contained on the devices.
>> How to remove the Windows virus
0 comments:
Post a Comment Subscribe to Post Comments (Atom)