Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Security Strategy, Plan, Budget, Governance, Risk and Compliance, Critical Infrastructure Security, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Windows virus found on small number of Video iPods

, ,

A number of recently shipped Video iPods contain RavMonE.exe, a Windows virus, according to a statement from Apple today.

The computing giant said that less than one percent of Video iPods shipped and available for purchase after Sept. 12 are infected with the malware, which only affects Windows PCs.

iPod Nanos and iPod Shuffle devices do not carry the malicious file, according to Apple's statement, which said: "As you might imagine, we are upset at Windows for not being more hardy against such viruses, and even more upset with ourselves for not catching it."

Apple sold more than eight million iPods worldwide during the third quarter of this year.

Apple advised users on its support page today to use prominent anti-virus software to remove the virus, linking to free trial anti-virus software from Microsoft, McAfee and Symantec.

After installation, users should scan their iPod, as well as other storage devices that could be carrying the worm, according to Apple's statement.

Joe Telafici, director of operations for McAfee Avert Labs, told today that to a PC running a Windows operating system, there isn't much difference between an iPod and another removable storage device.

"An iPod and a lot of devices, some cell phones or cameras for instance, look just like a removable drive to Windows PCs and they act like a floppy disk in the regard that they can hold malware," he said. "This stuff has been around for quite a while since we had the original floppy worms. This is not really a new twist on it, if it was a thumb drive put on there, the same thing would've happened."

Dennis Szerszen, vice president of marketing and corporate strategy at SecureWave, told today that consumers shouldn't be shocked that iPods are susceptible to malware.

"I'm just sitting here wondering why everyone is surprised. We've been waiting for something like this to happen and I'm sorry it had to happen to Apple first," he said. "Viruses of all kinds are so pervasive in our lives today. I don't think there is a desktop today that doesn't have some kind of malware on it, and it was a matter of time until someone would create something that would spread to this kind of a device."

Security vendor Sophos released a statement saying the malware used a common name, making it difficult to identify its characteristics. Graham Cluley, senior technology consultant at the U.K.-based firm, said the devices could have been infected during product testing.

"It's most likely that some of the Video iPods were plugged into a Windows PC for testing purposes at Apple's Chinese-based contractor's manufacturing plant, which is why only some of them are infected rather than all," he said.

"There are a number of different pieces of malware which use a file called RavMonE.exe and so we don't know at the moment precisely which trojan horse or virus may have been shipped. Hackers sometimes spoof the names of legitimate programs to cause greater confusion," continued Cluley.

Alan Hely, corporate communications director for Europe at Apple Computers, said the number of globally affected units were unknown.

"This known virus affects only Windows computers, and up-to-date anti-virus software which is included with most Windows computers should detect and remove it. So far we have seen less than 25 reports concerning this problem. The iPod nano, iPod shuffle and Mac OS X are not affected, and all Video iPods now shipping are virus free," he said.

Click here to email Frank Washkuch Jr.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.