Law Enforcement Malware Leverages iTunes Vulnerability
The FinFisher spyware application exploits a flaw that was patched in iTunes 10.5.1.
According to a demo at a recent trade show, a Trojan used by law enforcement leverages a recently-patched flaw in iTunes.
"Spiegel Online reports that a promo video for a variant of the FinFisher spyware application shows it exploits a vulnerability in iTunes to update the software on targeted systems," writes The Register's John Leyden.
"FinFisher is marketed by Gamma International to cops and spooks as a means to tap the Skype calls, IM chats and emails of suspected criminals," Leyden writes. "Documents found during the ransacking of Egypt's secret police headquarters, at the height of the Arab Spring uprising, suggest that the Mubarak regime purchased FinFisher to spy on dissidents."
Go to "Cyber-cop Trojan used iTunes flaw to spy on crims" to read the details.
For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.