Wednesday, October 18, 2006

iPods and Viruses!

Apple Support has a very interesting notice available today. It seems that some of the iPod (video) units available for purchase from September 12th contain the RavMonE.exe virus. More details are available from:
I'm not sure that Apple come very well out of this. Their "apology", centred round a gratuitous snipe at Microsoft (from whom they could learn something about QA, at least in terms of malware management), is placed fairly inconspicuously a couple of levels down on their support page, and offers nothing by way of remediation except pointers to some anti-malware applications (including OneCare!) Not a real description of the problem, either and no attempt at risk evaluation. "Small number", "less than 1%", "less than 25", and "easy to restore" are also mentioned frequently in the notice. With more than eight million iPods shipped in Apple's third quarter I would be interested in a raw number for that 1% effected by this. What's one percent of a few million?
BTW the name of it is W32/Rjump.worm. It is a worm written using the Python scripting language and was converted into a windows portable executable file using the Py2Exe tool. It attempts to spread by coping itself to mapped and removable storage drives and also opens a backdoor on an infected system.