In recent years, ransomware attacks have become a headache for large companies, and not so large, that they see as everyone data stored on infected computers is encrypted and you cannot have access to them, unless they go to the register and pay for the password that supposedly unlocks access to the data.
Morphisec researchers detected a security flaw in both iTunes and iCloud for Windows, which allowed friends of others to take advantage of the vulnerability of the Bonjour application, an application that allows us to know at all times if we have new updates pending download.
Attackers have been able to exploit this vulnerability, which it was not detected by antivirus since being signed by Apple it was completely safe, to carry out ransomware attacks, allowing the computer to be hijacked, its content encrypted and a key requested in exchange for a financial outlay.
Bonjour is not part of the iTunes or iCloud applications, but rather works independently, Therefore, when removing both applications, this application is still present in the system, so the number of computers that may have been exposed is very high, despite having deleted both applications.
This vulnerability was detected last August by Morphisec, when one of your clients was affected by BitPaymer ransomware. They quickly contacted the Cupertino-based company reporting all the details about the operation of this virus and how it had been able to reach that company's computers.
If you use Windows and you have iTunes installed, it is already taking update both iTunes and iCloud through this link. If the version of iTunes you have installed comes from the Windows Store, you just have to access it and update the application. This vulnerability does not affect computers managed by macOS.
