NEWS FROM THE LAB - Thursday, April 5, 2007

iPod virus Posted by Mikko @ 20:27 GMT

We got a sample submission earlier today… a file called Oslo.zip.

The person who submitted it is actually a celebrity: you all know him:


What Oslo.zip contained was a virus for Apple's iPod.

However, this virus is able replicate only on iPods that are running the iPod Linux operating system. It does not work on normal iPods that are running the default iPod operating system.

iPod Linux is a uCLinux-based software distribution targeted specifically to run on Apple iPods. It enables the iPod to run a variety of third party software, such as games.

So it's a proof-of-concept virus for a rare operating system, and it's not going to become a real-world problem. However, it does show that the computer underground is actively studying new platforms such as portable devices.

And it really is theoretical. After we got the sample, we installed iPod Linux on some iPods we had at hand, but we couldn't get the malware to operate correctly no matter what we tried. However, our friends at Kaspersky did get it working. Pictures and more information available on their blog.

P.S. Also see this.