Apple iTunes and iCloud for Windows 0-Day Exploited in Ransomware Attacks
Oct 10, 2019
Watch out Windows users! The cybercriminal group behind BitPaymer and iEncrypt ransomware attacks has been found exploiting a zero-day vulnerability affecting a little-known component that comes bundled with Apple's iTunes and iCloud software for Windows to evade antivirus detection. The vulnerable component in question is the Bonjour updater, a zero-configuration implementation of network communication protocol that works silently in the background and automates various low-level network tasks, including automatically download the future updates for Apple software. To be noted, since the Bonjour updater gets installed as a separate program on the system, uninstalling iTunes and iCloud doesn't remove Bonjour, which is why it eventually left installed on many Windows computers — un-updated and silently running in the background. Cybersecurity researchers from Morphisec Labs discovered the exploitation of the Bonjour zero-day vulnerability in August when the attackers...
