SHAFAQNA – Users of Apple computers and mobile devices, beware: a new malware is targeting both platforms, a security vendor warned early Thursday (PHL time).
Dubbed “WireLurker,” the new malware threatens iPhones and iPads connected via USB to infected Macs running OS X.
WireLurker can steal information from the mobile devices it infects and can regularly request updates from the attackers’ command and control server.
While WireLurker is the second known malware family to attacks iOS devices through OS X via USB, it is the first to automate generation of malicious iOS apps.
It is also the first known malware that “can infect installed iOS applications similar to a traditional virus.”
Worse, it is the first malware in the wild to install third-party apps even on non-jailbroken iOS devices.
WireLurker has trojanized 467 OS X applications on the Maiyadi App Store, a third-party Mac application store in China.
The malware monitors iOS devices connected via USB with an infected OS X computer, then downloads and installs third-party apps or automatically generated malicious apps to the iDevice.
It even has “complex code structure, multiple component versions, file hiding, code obfuscation and customized encryption to thwart anti-reversing,” the firm said.
Palo Alto recommended that enterprises make sure their mobile device traffic is routed through a threat prevention system
They should also use an antivirus or security protection product for the Mac OS X system and keep it updated.
For OS X users, they can go to the “Security & Privacy” settings and make sure “Allow apps downloaded from Mac App Store (or Mac App Store and identified developers)” is set.
“Do not download and run Mac applications or games from any third-party app store, download site or other untrusted source,” it added.
As for iOS users, it said they should keep their iOS version updated, and not accept any unknown enterprise provisioning profile.
“Do not pair your iOS device with untrusted or unknown computers or devices,” it added.