The iPad has been a pretty big success so far, especially for a category-busting product. But investors and Apple users aren’t the only ones to have taken note of the product’s success.


Apple’s impressive growth as a company is a good thing for end users in a number of ways. Apple has more money to spend on innovative new product designs, for example, and its easier to get service and support for your products, not to mention software and accessories.

The iPad has been a pretty big success so far, especially for a category-busting product. But investors and Apple users aren’t the only ones to have taken note of the product’s success. The iPad is now being used as scam bait to sucker in people who might not be that familiar with the warning signs of internet scams, which, not coincidentally, is just who the iPad seems directed at as a device.

So far, the scam only works on Windows PCs, but even if you’re a Mac-using iPad owner, make sure any friends and relatives using the other platform are aware of the ruse. Basically, you get an email telling you that iTunes needs to be updated in order to update your iPad device, and provides a link to the software in question.

Of course, instead of taking you to some kind of iTunes download, the link instead opens up a direct line to their sensitive information, if accessed via a PC. Specifically, the malware in question is Backdoor.Bifrose.AADY, which uses Internet Explorer to open a back door on your system and look around for software serial numbers and login data, including usernames and passwords for various sites.

People on Macs or other Apple platforms, like the iPad and iPhone, won’t be affected at all by following the link, but obviously it’s never a good idea to open suspicious links in emails in case that changes in future versions of the scam.

At least for now, the iPad itself hasn’t been a target for hackers and/or malicious code. Apple’s securely locked down content distribution system in the form of the App Store really helps things there, but it’s only a matter of time before it becomes a target in a big way, and this attack is the first sign of why that’s a dangerous prospect. You’ve no doubt seen the articles about people picking up the iPad as their first ever computer. That category of user is the ideal candidate for malicious software, since they’ve yet to experience the nasty side of the Internet and don’t have any built-in defenses against these types of scams.

The iPad is raising Apple’s profile, and that means trouble for those uneducated about Internet security risks. It could also mean problems for all Mac users in the long run, as the iPad draws more people to OS X in the same way the iPod and iPhone did before it. But for now, it’s still the most secure platform around, so enjoy it while it lasts.

You’re subscribed! If you like, you can update your settings

  1. It’s disappointing that a technical site would equate hacker with criminal. I expect this from the bimbos on my local television news station.

    1. When do you ever hear a story about “hackers” doing good things? It boils down to a couple of cliche’s:
      1. It is the “criminals” who give the rest a bad name
      2. If you are not part of the solution (to stop criminals), you are part of the problem.

  2. That’s exactly why Firefox should build a mobile app so that we can all run No Script and Web of Trust from the iPad! …Not that Apple would let it near the App Store.

    1. Perfectly sound – superstitious, ignorant – reasoning. Still throwing salt over your shoulder?

      Wander into the real world of commerce sometime and you might discover it ain’t a soap opera plot.

      1. I’m sorry I’m not allowed an opinion.

    2. Actually Apple might allow a mobile Firefox, they’ve allowed Opera Mini.

  3. Oh for God’s sake! There are 85 million iPhones and iPod touches out there, all based on exactly the same OS, and yet the ONLY malware attacks happen on jailbroken devices – and these attacks are in the realm of statistical noise, ie, a scant and literal handful of users. This article seems to promulgate the tired old myth of “security through obscurity”, a meme which has been debunked endless times by those that know better. Out of the box, the iPad is vastly more secure than any other internet-enabled device, other than its Apple brethren.

    No device can protect the user from social engineering tricks but to conflate the device’s popularity with an increasing attack vector based solely on that popularity ignores the point I made first. I agree absolutely with educating our less than computer-literate friends with the dangers of social engineering but please keep this in perspective. The amount of malware for any Apple device is vastly disproportional to the installed user base compared to Windows. With around 8-10% of installed users compared to Windows (US figures), there should be a proportional amount of malware – there isn’t!



      1. Comment removed by administrator, see comment rules and regulations.

  4. Gern Blanston Saturday, May 29, 2010

    Old releases of Linux are vastly more secure than the latest Apple OS.

  5. Sir Quenn Fonchey Saturday, May 29, 2010

    Is the screen name DoctorChas supposed to be some sort of “hilarious” reference to the ’83 Mississippi child molestation case? Because it is in incredibly poor taste and makes all of your comments questionable.

Comments have been disabled for this post