Music lovers and Apple fanatics, beware: There’s a new malware campaign out there, and it’s using iTunes to get to you.
The malware, nicknamed “LizaMoon” by security firm WebSense, was first discovered on March 28th on 28,000 webpages, many of them associated with RSS and XML feeds for iTunes podcast updates. A more recent update claims that upwards of 500,000 pages are now affected (Google claims 1.5 million pages, although WebSense is unsure about the veracity of that number).
According to WebSense, Lizamoon tries to convince users that they need to download software to remove an existing virus, although the warning can appear on pages unaffected by Lizamoon, the infection having happened earlier without any visible sign for the user. The security firm even made a video to explain more:
There is one benefit for iTunes users – Apple says that it prevents the code from automatically executing even on affected feeds – but if you’ve downloaded any podcasts from iTunes lately, you might want to update your antivirus systems, just to be on the safe side.
More on Techland: