A Critical Evaluation of A Recent Cybersecurity Attack on iTunes Software Updater

Mohammad Aljaidi, Ayoub Alsarhan, Ghassan Samara, Yazan Alaya AL-Khassawneh, Yousef Ali Al-Gumaei, Hamzeh Aljawawdeh, Abdullah Alqammaz

    Research output: Chapter in Book/Report/Conference proceeding, Conference contribution

    14 Citations (Scopus)

    Abstract

    A rising number of businesses are embracing the Industry 4.0 paradigm by connecting their industrial systems and implementing a variety of cutting-edge technologies (such as cloud computing, smart devices, and data-mining analytics), which in turn make operations more productive and efficient. However, this development has been accompanied by the emergence of different types of cybersecurity difficulties and attacks. In this paper, the recent iTunes software updater attack is critically assessed, investigated and analyzed. A security vulnerability discovered in the iTunes software updater has been exploited to run ransomware on the targeted environment. Attacks could have taken advantage of an unquoted file path in the system service that handled iTunes software updates: instead of running the intended updater executable, the service would have executed ransomware on the target computer. The ransomware sat undetected because it did not have a file extension and therefore was not scanned by antivirus software. Its malicious behavior was also not detected by antivirus software because the iTunes updater was signed and trusted, so antivirus products treated the ransomware as trusted as well. Potential victims who had previously installed iTunes on their device were also vulnerable, because the updater is left behind when iTunes is uninstalled. This created a larger number of potential victims that could have been exploited. While this exploit was not taken advantage of, it existed and still exists in other applications because of developer error and a lack of testing for this exploit.
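The unquoted service path condition described in the abstract can be audited from a list of service `ImagePath` values. The following is an added example, not code from the paper: the service names and paths are constructed samples, and the function names are hypothetical. It flags unquoted executable paths that contain spaces and lists the shorter path prefixes Windows may try first, so those locations can be checked for unexpected files and loose write permissions.

```python
import re

# Constructed sample ImagePath values (the kind stored per service in the
# Windows registry); they are illustrative and not taken from the paper.
SAMPLE_SERVICES = {
    "ExampleUpdaterA": r"C:\Program Files\Example Vendor\Software Update\updater.exe -service",
    "ExampleUpdaterB": r'"C:\Program Files\Example Vendor\Software Update\updater.exe" -service',
    "ExampleNoSpace": r"C:\Windows\System32\svchost.exe -k netsvcs",
    "ExampleDriver": r"\SystemRoot\System32\drivers\example.sys",
}

# End of the executable name inside an unquoted command line.
_EXE_END = re.compile(r"\.(exe|com|bat|cmd)(?=\s|$)", re.IGNORECASE)


def executable_part(image_path):
    """Return the path up to and including the executable, dropping arguments."""
    match = _EXE_END.search(image_path)
    return image_path[:match.end()] if match else image_path


def is_unquoted_with_spaces(image_path):
    """True when the executable path has spaces and is not wrapped in quotes."""
    path = image_path.strip()
    if path.startswith('"'):
        return False  # quoted: the path is unambiguous
    return " " in executable_part(path)


def ambiguous_prefixes(image_path):
    """Prefixes ending at each space; Windows may try each as a program name."""
    exe = executable_part(image_path.strip())
    return [exe[:i] for i, ch in enumerate(exe) if ch == " "]


def audit(services):
    """Map each vulnerable service name to the prefixes that need checking."""
    return {
        name: ambiguous_prefixes(path)
        for name, path in services.items()
        if is_unquoted_with_spaces(path)
    }


if __name__ == "__main__":
    for name, prefixes in audit(SAMPLE_SERVICES).items():
        print(f"{name}: unquoted ImagePath; verify nothing exists at:")
        for prefix in prefixes:
            print(f"    {prefix}")
```

The remediation for a flagged service is to wrap the executable path in double quotes in its `ImagePath` value.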
    Original language: English
    Title of host publication: 2022 International Engineering Conference on Electrical, Energy, and Artificial Intelligence (EICEEAI)
    Publisher: IEEE
    ISBN (Electronic): 9798350332742
    Publication status: Published - 2 Mar 2023

    Keywords

    • exploitation
    • iTune software updater
    • ransomware
    • vulnerability

    ASJC Scopus subject areas

    • Artificial Intelligence
    • Computer Science Applications
    • Computer Vision and Pattern Recognition
    • Energy Engineering and Power Technology
    • Renewable Energy, Sustainability and the Environment
    • Electrical and Electronic Engineering
