iTunes Social Network Spammed

It didn't take very long for Apple's new iTunes social network for music fans, which launched on Sept. 1, to get targeted by spammers.

The service, built into the latest version of iTunes, lets users follow their favorite artists and read and post comments. Only 48 hours after Ping's launch, Apple reported hitting more than 1 million users.

And another 24 hours later, Chester Wisniewski, senior security advisor for antivirus software vendor Sophos,reported that the service was being targeted by spammers posting comments that promised free iPhones to those who filled out bogus surveys. Presumably, when users click the embedded link, malware downloaded to their computers, which then become part of a botnet for spaming other computers on the Internet.

Similar scams hit Facebook and Twitter.

"Cybercriminals have been targeting social networks for quite some time, as it has been proven that by targeting a users social network results in a higher success rate than spamming a large group of people via e-mail," said Bradley Anstis, VP of technology strategy for M86 Security. "The 'Win a Free iPod' scam, documented long ago worked very successfully. It's rather ironic that this very scam has begun to proliferate within Apple's own product."

Anstis recommended that Apple implement some form of automation to strip out links from comments.