Jump to content

Recommended Posts

  • FPCH Admin
Posted

wirelurker-richard-uten-cc-by-100529143-primary_idge.png

 

Plugging in your iPhone? Don't blindly trust Macs or chargers, even if you're not in China.

 

It’s not very often you hear about malware targeting iOS, but security researchers in Silicon Valley said on Wednesday they’ve spotted new malicious software doing just that.

 

Although it appears to be spreading through a third-party OS X app store in China and consequently largely confined to that country, the development could be a taste of things to come for iDevice owners in other parts of the world if similarly designed malware is launched by other cybercriminals, or even the same group.

 

Palo Alto Networks said the one it’s uncovered, called ‘WireLurker’, loads onto iPhones and iPads when the device is connected via USB to a Mac computer onto which an infected OS X app has already been downloaded.

 

 

The security firm’s Claud Xiao said in a blog post (via NYT) that the malicious software is apparently only the second known case of a malware attack on iOS devices through OS X via USB, and can infect Apple devices whether or not they’ve been jailbroken. In an ominous note, the researcher said the discovery “heralds a new era in malware attacking Apple’s desktop and mobile platform” and is “the biggest in scale we have ever seen.”

 

According to Palo Alto Networks’ research, WireLurker has infected 467 OS X apps on the third-party Maiyadi App Store, with just over 356,000 downloads made to OS X computers, meaning the malware could have impacted “hundreds of thousands” of iOS users.

 

The malware is capable of stealing “a variety of information” from a user’s mobile device, though according to Xiao, the goal of the person or people behind the software, which is continuing to be updated, is yet to be identified.

 

 

For now, the security firm suggests users take a number of steps to ensure they steer clear of WireLurker and similar threats, including avoiding Mac apps from third-party app stores, and refraining from connecting iOS devices to untrusted or unknown accessories or computers. See Xiao’s post for the full list of recommended measures.

 

While the software appears to be confined to users in China for now, Ryan Olson, the director of threat intelligence at Palo Alto Networks, suggested it may not stay that way, telling the NY Times that it “demonstrates to a lot of attackers that this is a method that can be used to crack through the hard shell that Apple has built around its iOS devices.”

 

We’ve reached out to Apple for comment and will update when we hear back.

 

 

Read more: http://www.digitaltrends.com/mobile/wirelurker-malware-targets-ios-users/#ixzz3IIZ3o6wu

~I know that you believe you understand what you think I said, but I'm not sure you realize that what you heard is not what I meant.~

~~Robert McCloskey~~

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...