애플, 윈도우 버전의 아이튠즈에서 제로 데이 랜섬웨어 결함 패치

ment 10/12 '19 posted 뉴스 IT

• 쿠퍼티노 기반 기술 대기업은 10 월 7 일 Windows 용 iTunes 12.10.1 및 Windows 용 iCloud 7.14 가 공개적으로 공개된 직후 제로 데이 취약점을 수정했습니다.

• Morphisec은 Apple에 대한 공격을 즉시 공개했으며, Apple은 최근 iCloud for Windows 업데이트의 결함을 수정했습니다.

• 이번 주 초 macOS Catalina가 출시된 이후 애플은 맥에서 아이튠즈를 일몰시킬 예정이지만, 윈도우 데스크탑을 사용하는 애플 기기 사용자는 가까운 미래에 아이튠즈에 의존해야합니다.

• 현재 공격을 더욱 용이하게하는 것은 Bonjour에 설치된 소프트웨어 섹션에 자체 설치 항목과 프로세스 실행을 위한 예약된 작업이 있다는 것입니다.

• 또한 악성 프로그램 파일에는 ".exe"와 같은 확장명이 제공되지 않기 때문에 바이러스 백신 (AV) 제품은 컴퓨터 성능을 제한하지 않기 위해 특정 파일만 검사하므로 파일을 검사하지 않을 수도 있습니다.

• 8 월 Morphisec Labs의 연구원들은 Windows 용 iTunes와 함께 제공되는 Bonjour 업데이터에 존재하는 결함의 남용을 발견했습니다. 자동차 산업의 미확인 기업에 대한 공격에 랜섬웨어를 제공하기 위한 것이었습니다.

• iTunes 제거 프로그램이 Bonjour를 자동으로 제거하지 않기 때문입니다.

• "우리는 Bonjour 업데이터가 여러 기업의 여러 컴퓨터에 설치되었다는 조사 결과에 놀랐습니다."라고 Gorelik은 말했습니다.

• 인용되지 않은 경로 취약점은 인텔 그래픽 드라이버, ExpressVPN 및 Forcepoint VPN을 포함한 다른 프로그램에서 발견되었습니다.

A Zero-Day iTunes for Windows Exploit Let Hackers Secretly Install Ransomware [winbuzzer.com]

Attention Required! | Cloudflare [www.darkreading.com]

Apple patches zero-day ransomware flaw in Windows version of iTunes [thenextweb.com]

Apple iTunes Bug Actively Exploited in BitPaymer/iEncrypt Campaign [threatpost.com]

Apple Zero-Day Exploited in New BitPaymer Campaign [blog.morphisec.com]

Apple iTunes and iCloud for Windows 0-Day Exploited in Ransomware Attacks [thehackernews.com]

Attackers exploit an iTunes zeroday to install ransomware [arstechnica.com]

Apple's iTunes for Windows update closes off ransomware attack vector [appleinsider.com]

Update iCloud for Windows Right Now to Protect Against Ransomware [lifehacker.com]

Vulnerability in iTunes and iCloud allowed Windows ransomware [9to5mac.com]

Apple Fixes Zero-Day Ransomware Bug in iTunes for Windows [gizmodo.com]

newest replies popular replies

Open Wiki - Feel free to edit it. -

10/12 '19 answered

Bad actors are actively targeting a vulnerability in the #Windows version of #Apple iTunes to deliver BitPaymer/iEncrypt ransomware. (@morphisec)https://t.co/uRkJo0pqUp
— Threatpost (@threatpost) October 10, 2019

BitPaymer ransomware gang uses iTunes zero-day to bypass AV detection

-0-day exploited in August
-patched this week
-impacts iTunes/iCloud for Windows
-unquoted service path issue
-systems where iTunes was uninstalled are still vulnerablehttps://t.co/WwYahgTb8S pic.twitter.com/kFBTRfVTw3
— Catalin Cimpanu (@campuscodi) October 10, 2019

Apple patches zero-day ransomware flaw in Windows version of iTunes https://t.co/pLRr4nOz0D
— TNW (@thenextweb) October 11, 2019

Apple patches zero-day ransomware flaw in Windows version of iTunes https://t.co/BZAr3oLVsO
— TNW (@thenextweb) October 11, 2019

Apple patches zero-day ransomware flaw in Windows version of iTunes https://t.co/YYiJXyPGH2
— TNW (@thenextweb) October 11, 2019

ALERT!! #Apple #iTunes #Bug Actively Exploited in BitPaymer/iEncrypt Campaign. cybersec #cybersecurity #infosec #security #cyberthreat #darkint #hackers #cybercrime #darkweb #darknet #dataprotection #privacy #databreaches #credentials #malware #phishing https://t.co/OO8ZH9ywE4
— Jiniba (@JinibaBD) October 10, 2019

Apple iTunes Bug Actively Exploited in BitPaymer/iEncrypt Campaign https://t.co/2kzGo2NmkZ
— Nicolas Krassas (@Dinosn) October 10, 2019

Apple iTunes Bug Actively Exploited in BitPaymer/iEncrypt Campaign https://t.co/xOBuOuaT7u pic.twitter.com/1wLmp0JnjD
— Emcv Max (@emcvmaxcom) October 10, 2019

Apple Zero-Day Exploited in New BitPaymer Campaign https://t.co/aufs53l5Mq
— piyokango (@piyokango) October 10, 2019

A zero-day vulnerability in #Apple's Bonjour app—which comes bundled with #iTunes or #iCloud for Windows—found actively being exploited in the wild by cybercriminals to evade #antivirus detection and infect PCs with BitPaymer #ransomware.

Read: https://t.co/mnn9n8vxnh #infosec
— Mohit Kumar (@unix_root) October 11, 2019

New 0day in Apple's Bonjour service on Windows being used to infect computers with malware -> https://t.co/QUeSHvuIzR

Original writeup: https://t.co/SK3LDtuqyc pic.twitter.com/Gx2K02oO64
— dxw cyber (@dxwcyber) October 11, 2019

Apple iTunes and iCloud for Windows 0-Day Exploited in Ransomware Attacks https://t.co/ucGiI6Wf01
— Philippe Vynckier (@PVynckier) October 11, 2019

Apple iTunes and iCloud for Windows 0-Day Exploited in Ransomware Attacks https://t.co/ChCOTxvfp5 pic.twitter.com/c73EDq9sAv
— #AI (@AI__TECH) October 11, 2019

Apple iTunes and iCloud for Windows 0-Day Exploited in Ransomware Attacks #hacking https://t.co/PoeYDD8gJ7
— Claudia Martín (@CLAVDIAmartin) October 11, 2019

The cybercriminal group behind BitPaymer and iEncrypt ransomware attacks has been found exploiting a zero-day vulnerability that comes bundled with Apple's iTunes and iCloud software for Windows to evade antivirus detection. @unix_root via @TheHackersNews https://t.co/CFJdmDNS56
— Malwarebytes (@Malwarebytes) October 10, 2019

How an iTunes zeroday allowed attackers to install ransomware on the sly https://t.co/5iaAfbuGRE
— Dan Goodin (@dangoodin001) October 10, 2019

Isnt iTunes already ransomware lolhttps://t.co/qDb5wbTytE
— ?? ?? (@Ricky_Simps0n) October 11, 2019

Attackers exploit iTunes zero day to install ransomware https://t.co/hbN7UEtmx3
— Security Response (@threatintel) October 11, 2019

Attackers exploit an iTunes & iCloud zeroday to install ransomware https://t.co/m3J2WoMJYE without triggering antivirus protections, researchers from Morphisec reported on Thursday. Apple patched the vulnerability earlier this week. Via @arstechnica
— Martial Gervaise (@argevise) October 11, 2019

윈도우용 아이튠즈와 아이클라우드 클라이언트에 내장된 Bonjour의 제로데아 헛점을 이용한 랜섬웨어가 도는 중. 맥에서 사라지고 나서 남은 윈도우 사용자에게 ㄸ을 주는군요. https://t.co/OHoeVuHszI
— 푸른곰 (@purengom) October 11, 2019

Attackers exploit an iTunes zeroday to install ransomware https://t.co/mxP8JeDfgp
— Paolo Passeri (@paulsparrows) October 11, 2019

Attackers exploit an iTunes zeroday to install ransomware https://t.co/GLdliwdf0V pic.twitter.com/WfiGOo0wd7
— #AI (@AI__TECH) October 11, 2019

Attackers exploit an #iTunes #zeroday to install #ransomware https://t.co/gcS6ufnzbx #informedsecurity pic.twitter.com/U1q4xQ7zEF
— Jose Lagdameo Jr (@cyberinform) October 11, 2019

Vulnerability in iTunes and iCloud allowed Windows PC ransomware infection https://t.co/42OBubTZRk pic.twitter.com/5BujfqrjX4
— Huawei Global (@huawei_global) October 11, 2019

permanent link

Open Wiki - Feel free to edit it. -

10/12 '19 answered

Apple patches zero-day ransomware flaw in Windows version of iTunes https://t.co/MOYzFCiApT
— TNW (@thenextweb) October 12, 2019

Apple patches zero-day ransomware flaw in Windows version of iTunes https://t.co/CEiRGMwyM8
— TNW (@thenextweb) October 12, 2019

A zero-day vulnerability in #Apple's Bonjour app—which comes bundled with #iTunes or #iCloud for Windows—found actively being exploited in the wild by cybercriminals to evade #antivirus detection and infect PCs with BitPaymer #ransomware.

Read: https://t.co/81pYs2ZU6a #infosec
— Swati Khandelwal (@Swati_THN) October 10, 2019

"An aside: Gorelik described Bonjour as 'a mechanism that Apple uses to deliver future updates.' Apple and many other resources, meanwhile, say it's a service Apple applications use to find shared music libraries and other resources on a local network"

? https://t.co/QtY4cciUYH
— Paul Dokas (@pauldokas) October 11, 2019

Vulnerability in iTunes and iCloud allowed Windows PC #ransomware infection https://t.co/gFKxY6feJs
— Shane Fogle (@fogle_shane) October 12, 2019

permanent link

Reply with curations

Related

Featured