It seems that the malware writers are starting to see the superior security of Apple as a really good way to get an open goal at tougher Windows software.
However the malware is the kiss of death to those who manage the app in their iTunes accounts on Windows machines. This suggests that it was designed to bypass Windows security by piggy backing onto Apple’s system.
The malware is installed in the free “Instaquotes Quotes Cards for Instagram” app from the iTunes store. The software was defined as the “Worm.VB-900” malware.
Sophos described the malware as “Mal/CoiDung-A,” which is a worm written in visual basic that installs files within the Windows system directory. Vole’s Security Essentials instantly detects the executables as malware and deletes it.
This is not surprising as it seems rather elderly malware which is getting a new outing by using Apple’s iTunes as a delivery mechanism. It should be detectable, but many users may ignore warnings from their computers because they believe that Apple is very careful about allowing malware in its walled garden of delights.
But it might also be a dry run for a more serious malware strike later on. After all if Windows users did download the malware it shows that Apple’s iTunes makes a good attack vector.
Apple has apparently removed the offending from the App Store, so it is no longer available for download either through iTunes or directly on an iOS device.