WireLurker: Apple’s biggest threat

Whenever you hear that a piece of malware has hit the Windows environment, it doesn’t make that much of an impact. However, when it recreates the scene from Entrapment and maneuvers its way into Apple’s traditionally locked-down environment, that turns some heads.

It’s to be expected that WireLurker, a strain of malware that is transferred from infected Macs to USB-connected iOS devices, has caused some upheaval in the past 24 hours.

According to Unit 42 – the threat intelligence team at Palo Alto Networks that discovered the vulnerability – WireLurker has made its way onto the Apple devices of potentially hundreds of thousands of people in China. What’s more, the company reckons it has the potential to spread its tentacles abroad.

To keep you informed, here’s the scoop on the malware and all the pertinent information that you’ll need to know about the “new breed of threat to all iOS devices”. It affects iOS devices whether they are jailbroken or not.

“This is the reason we call it ‘wire lurker,’” Palo Alto Networks said. “Researchers have demonstrated similar methods to attack non-jailbroken devices before; however, this malware combines a number of techniques to successfully realize a new brand of threat to all iOS devices.”

This attack is only the second known instance of malware that attacks iOS devices through a Mac via USB. It is unprecedented, however, in that it acts like a traditional virus. It is also the first to install malicious third-party apps on an iOS device that is not jailbroken.

According to Palo Alto Networks, it has been used to infect 467 OS X applications on China’s Maiyadi App Store. In the past six months, the infected apps were downloaded 356,104 times, and may have impacted hundreds of thousands of users. “The techniques in use suggest that bad actors are getting more sophisticated when it comes to exploiting some of the world’s best-known desktop and mobile platforms,”

Apple has reported that it has blocked the infected apps and issued the following statement: “We are aware of malicious software available from a download site aimed at users in China, and we’ve blocked the identified apps to prevent them from launching. As always, we recommend that users download and install software from trusted sources.”

Mac owners have been urged to purchase and install anti-virus software in order to mitigate the threat. This includes making sure that their Macs only download apps from the Mac App Store.

iOS users are being prompted to make sure their OS is up to date and to avoid connecting to an unknown or untrusted computer, or jailbreaking their devices.

Source: Palo Alto Networks
