Apple has fixed a major flaw in iTunes and iCloud for Windows that allowed ransomware to be installed on PCs, as reported by Forbes. Ransomware is a type of malicious software that makes the data stored on a machine inaccessible, usually by encrypting it. The attacker then demands a "ransom" payment to restore the user's access.
The problem is the result of an unspecified flaw in Bonjour (the Apple app that bundles some of the company's software for installation on PCs) and essentially allowed malware to run on Windows, which identified it as a trusted app.
Such malware takes advantage of Bonjour's Apple certificate to go unnoticed by Windows; that is, both the user and the operating system believe the software was developed by Apple. Morphisec, the security company that discovered the flaw, explained that the BitPaymer malware was using this attack scheme to infect systems.
When a flaw sits in a trusted program, such as one digitally signed by a well-known developer like Apple, attackers can exploit it to make the software execute code that antivirus protection cannot flag as suspicious.
Users who previously uninstalled iTunes and iCloud for Windows are not necessarily out of danger. Because the problem lies in Bonjour, that tool must be removed separately; otherwise this infection path will remain open.
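To check a PC for a Bonjour install left behind after iTunes or iCloud was removed, the script below reads the Windows uninstall registry and reports what it finds. It is an added example, not code from Apple, Morphisec or the original article; the product-name patterns and the service display-name filter are assumptions about how these components appear on a given machine.

```powershell
# Added example: find a Bonjour install that outlived iTunes/iCloud.
# The name patterns are assumptions; adjust them to match your fleet.
$uninstallRoots = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

function Get-InstalledApp {
    param([Parameter(Mandatory)][string]$NamePattern)
    # Entries without a DisplayName simply fail the match and are skipped.
    Get-ItemProperty -Path $uninstallRoots -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -match $NamePattern } |
        Select-Object DisplayName, DisplayVersion, Publisher, UninstallString
}

$bonjour = @(Get-InstalledApp -NamePattern '^Bonjour')
$parents = @(Get-InstalledApp -NamePattern '^(iTunes|iCloud)')

# Assumption: the Bonjour service's display name starts with "Bonjour".
$service = @(Get-Service -DisplayName 'Bonjour*' -ErrorAction SilentlyContinue)

if ($bonjour.Count -eq 0 -and $service.Count -eq 0) {
    Write-Output 'Bonjour was not found on this machine.'
} else {
    $bonjour | Format-List
    $service | Select-Object Name, DisplayName, Status | Format-List

    if ($parents.Count -eq 0) {
        # iTunes/iCloud are gone but Bonjour stayed: it must be removed on its own.
        Write-Warning 'Bonjour is present without iTunes or iCloud. Uninstall it separately.'
    } else {
        $names = ($parents | ForEach-Object { $_.DisplayName }) -join ', '
        Write-Output "Installed alongside: $names. Confirm these are on Apple's fixed release."
    }
}
```

Run it from an elevated PowerShell prompt so that all machine-wide uninstall entries are readable.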
Morphisec waited for Apple to fix the bug before publishing details. It found that BitPaymer is relatively recent, having first been seen in attacks on hospitals, universities and government agencies. In one case, the attackers demanded a ransom of 70 bitcoins (about $570,000).