A number of Video iPods have been shipped
containing Windows malware
Experts at SophosLabs™, Sophos's global
network of virus, spyware and spam analysis centers, have reminded
users of the necessity to scan all storage devices they attach to
their computers for malware as news breaks of a number of Video
iPods that have been shipped containing Windows malware.
In a statement on its
website, Apple has confirmed that some Video iPods available for
purchase after 12 September, 2006 left their contract manufacturer
carrying a malicious file, RavMonE.exe.
Less than one percent of Video iPods shipped since 12 September
are said to be affected. iPod Nanos and iPod Shuffle devices are
not reported to be carrying the malicious file, which can only
activate on Windows computers.
"If you have bought a Video iPod in the last month there is a
chance that it could have a Windows virus on it," said Graham Cluley, senior
technology consultant for Sophos. "The good news is that if you
have kept your anti-virus software up-to-date then your security
software should have no trouble detecting it before it can do any
harm. The even better news - if you own an Apple computer at least
- is that the malware only runs on Windows, not on Mac OS X."
Sophos notes that presently Apple is not displaying the correct
name for the malware on its website, instead referring to it as the
RavMonE.exe Windows virus.
"There are a number of different pieces of malware which use a
file called RavMonE.exe so it's not a good way of specifically
identifying the infection. Sophos has been detecting the malware
since 30 June as Troj/Bdoor-DIJ,"
continued Cluley. "The name RavMonE.exe actually comes from a
perfectly legitimate program called RAV Anti-Virus so it would be
wrong to call a piece of malware by this name. Hackers sometimes
spoof the names of legitimate programs to cause greater
Experts at Sophos recommend that any storage device which is
attached to a computer is checked for virus and other malware
before use. Floppy disks, CD ROMs, USB keys, external hard drives
and other devices are all capable of carrying malicious code which
could infect the computers of innocent users.
Earlier this week it was reported that the Japanese
subsidiary of McDonald's was recalling 10,000 MP3 players it had
distributed as a giveaway. The fast food giant had discovered that
a spyware Trojan horse was contained on the device.
Sophos continues to recommend that computer users ensure their
anti-virus software is up-to-date, and that companies protect
themselves with a consolidated solution
which can defend them from the threats of viruses, spyware and