Posted by: David Harley | August 15, 2014

I Can Name that iTune in – Oh, I’m Infected…

Researchers at the Georgia Institute of Technology will present a paper at Usenix on 20th August, ‘On the Feasibility of Large-Scale Infections of iOS Devices’. The abstract asserts that “…infecting a large number of iOS devices through botnets is feasible. By exploiting design flaws and weaknesses in the iTunes syncing process, the device provisioning process, and in file storage…”

I look forward to reading the paper after it’s presented, but it seems to me a bit of a stretch from demonstrating that a single compromised Windows machine can be used to install malicious apps and steal data, to asserting that ‘23% of bots will eventually have connections with iOS devices, thus making a large scale infection feasible’. That assertion is based on the statement that ‘23% of bot IP addresses demonstrate iOS device existence and Windows iTunes purchases’, which isn’t at all the same thing. I don’t say that large scale infection isn’t possible, but first there has to be a large scale infection of Windows devices with malware ultimately and specifically targeting iOS devices.

In fact, I’m more in sympathy with John Leyden’s suggestion in The Register that ‘smaller scale attacks are much more likely to escape notice and therefore arguably present the biggest concern…’

An article in Computer World by Jeremy Kirk notes that one of the researchers observed that ‘they conducted their research using iOS devices connected to Windows, since most botnets are on that platform, but their attack methods also apply to OS X’.

David Harley
Small Blue-Green World
