Chinese Mac and iOS users targeted by new ‘WireLurker’ malware capable of infecting non-jailbroken devices

Update: Apple confirmed the security issue in a statement provided to iMore. Apple has also revoked the certificate to prevent the apps from being installed on new devices.

The New York Times reports that a security firm called Palo Alto Networks has uncovered a new form of Apple-focused malware that is capable of infecting non-jailbroken iOS devices. Typically when such software pops up, as it does from time to time, one of the key factors that allows the malicious code to run on iOS is whether the device is jailbroken. The new “WireLurker” malware, however, is installed on the mobile device over USB by an infected Mac.

These infected Mac apps are reportedly coming from the Maiyadi App Store, a third-party software storefront operated in China. Palo Alto Networks says over 400 apps in the store are affected, and have been downloaded over 356,000 times total, potentially resulting in hundreds of thousands of infected devices.

What exactly can WireLurker do once it’s on your iOS device? A better question might be “what can’t it do?” Palo Alto Networks says that the software can access and steal a user’s address book, read their iMessages, and download updates to itself in the background, allowing it to be upgraded with new capabilities without the user ever having to do anything.

Even though the malware seems to be coming mostly from Chinese sources, the company says the best way for all users to avoid getting infected by these types of software is to only download Mac applications from trusted sources like the Mac App Store. Palo Alto Networks also said that it has reported this issue to Apple.


10 Responses to “Chinese Mac and iOS users targeted by new ‘WireLurker’ malware capable of infecting non-jailbroken devices”

  • coolfactor says:

    November 5, 2014 at 4:34 pm

    Ugh, I don’t even want to start…


  • Edison Wrzosek says:

    November 5, 2014 at 4:52 pm

    Now let’s see Xprotect in action and see if it can weed out this crap…

    And on a sadder note, remember this day in history, the hackers have now noticed Mac and iOS in China, and have begun their assault, bastards!


  • Bruno Fernandes (@Linkb8) says:

    November 5, 2014 at 5:20 pm

    Has anyone called bullish on this yet? I’ll do it. Bullshit.


  • Bruno Fernandes (@Linkb8) says:

    November 5, 2014 at 5:28 pm

    The original story is so full of misinformation it’s difficult to read for anyone that knows anything about how iOS works.

  • markbyrn (@markbyrn) says:

    November 5, 2014 at 6:05 pm

    Hyperbolic FUD as expected. From what I read on their site, one would have to accept an unknown provisioning profile to get infected. Obviously if you’re ignorant enough to do that, enjoy the consequences.


  • greggthurman says:

    November 5, 2014 at 9:28 pm

    The malware gets onto your Mac on Apps purchased from a third party site. You cannot get this malware if you buy all your apps through the iTunes Store.

    Say what you want about Apple’s “closed” system, I’ll gladly stay within its confines for the protection that Apple vetting provides.


  • aeronperyton says:

    November 5, 2014 at 9:30 pm

    The media wants there to be a real virus for the OS X platform so badly…


  • scumbolt2014 says:

    November 5, 2014 at 11:47 pm

    So the number of at risk iPhones and total number of Android phones in consumer hands is equal now.

    • BlueLightAlarm says:

      November 6, 2014 at 8:17 am

      I wouldn’t say that at all – there are always dodgy apps being offered/downloaded on the Google Play store and directly infecting who knows how many Android devices. This “threat” (if you actually believe it to be true) ONLY infects people who download apps from Maiyadi on a Mac and then infects their iPhone if/when it is plugged in via USB – There’s a lot more things that have to happen for an iPhone to get infected


  • Michael The Geek  (@MichaelTheGeek) says:

    November 6, 2014 at 8:22 am

    China has all this tech thanks to the USA and EU.
