Date :Thursday, November 6th, 2014 | Time : 05:55 |ID: 15125 | Print

New malware targets Apple Macs, then iPhones via USB

SHAFAQNA – Users of Apple computers and mobile devices, beware: a new malware is targeting both platforms, a security vendor warned early Thursday (PHL time).

Dubbed “WireLurker,” the new malware threatens iPhones and iPads connected via USB to infected Macs running OS X.

“We believe that this malware family heralds a new era in malware attacking Apple’s desktop and mobile platforms … Of known malware families distributed through trojanized/repackaged OS X applications, it is the biggest in scale we have ever seen,” said in a blog post.

WireLurker can steal information from the mobile devices it infects and can regularly request updates from the attackers’ command and control server.

While WireLurker is the second known malware family to attacks iOS devices through OS X via USB, it is the first to automate generation of malicious iOS apps.

It is also the first known malware that “can infect installed iOS applications similar to a traditional virus.”

Worse, it is the first malware in the wild to install third-party apps even on non-jailbroken iOS devices.

Infected applications

WireLurker has trojanized 467 OS X applications on the Maiyadi App Store, a third-party Mac application store in China.

The malware monitors iOS devices connected via USB with an infected OS X computer, then downloads and installs third-party apps or automatically generated malicious apps to the iDevice.

It even has “complex code structure, multiple component versions, file hiding, code obfuscation and customized encryption to thwart anti-reversing,” the firm said.


Palo Alto recommended that enterprises make sure their mobile device traffic is routed through a threat prevention system

They should also use an antivirus or security protection product for the Mac OS X system and keep it updated.

For OS X users, they can go to the “Security & Privacy” settings and make sure “Allow apps downloaded from Mac App Store (or Mac App Store and identified developers)” is set.

“Do not download and run Mac applications or games from any third-party app store, download site or other untrusted source,” it added.

As for iOS users, it said they should keep their iOS version updated, and not accept any unknown enterprise provisioning profile.

“Do not pair your iOS device with untrusted or unknown computers or devices,” it added.

Also, they should avoid powering iOS devices through chargers from untrusted or unknown sources.  Joel Locsin/JST, GMA News
0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *