Morphisec a company that specializes in data security identified a coding mistake when reviewing a recent Apple Software Update for the Windows iTunes application. The error was allowing for ransomware to be installed bypassing security measures by using the Bonjour signature to appear as a trusted application. Morphisec found that the coding mistake was an unquoted path which could be utilized to install malicious applications. The bug was exploited by BitPaymer Ransomware to infect users that had installed the update.
BitPaymer is a new ransomware which was been targeting larger institutions such as government agencies, educational institutions, and manufacturing companies. Due to the targeted nature of BitPaymer's attacks ransoms to unencrypt files have been as high as $500,000. Morphisec alerted Apples development team upon its discovery which resulted in a fix being deployed in the iTunes 12.10.1 Windows package.
Here at Landshark IT we deal with ransomware issues routinely for both Mac and Windows. Most commonly devices infected with ransomware have their files either corrupted or encrypted. Depending on the attack recovery of files can be possible, but it is always best to take measures to secure your device. We offer security for the full range of devices including iOS, macOS, android, and Windows.