A new Apple malware called WireLurker has been discovered with Chinese users being its primary target.
Claud Xiao of Palo Alto Networks has announced the discovery of a new version of malware affecting Apple OS X and iOS platforms. Aptly named ‘WireLurker’, the malware can infect “even non-jailbroken iOS devices through trojanised and repackaged OS X applications, and is the first known malware family that can infect installed iOS applications similar to how a traditional virus would”.
As WireLurker is thought to have been developed in China, its primary targets at the moment are Chinese users; however, that could change in the near future. The malware is believed to be spreading through apps distributed through third-party websites: more than 460 infected apps from the Maiyadi store (a third-party Mac app store in China) have been downloaded over 350,000 times.
Palo Alto Networks have commented that the malware is “capable of stealing a variety of information from the mobile devices it infects and regularly requests updates from the attackers’ control server”. Despite this, it is unclear what the creators’ motives are; however, we do know that they are still actively developing the software.
The WireLurker malware works by monitoring “any iOS device connected via USB with an infected OS X computer and installs downloaded third-party applications or automatically generated malicious applications onto the device, regardless of whether it is jailbroken”. Palo Alto went on to comment that although “researchers have demonstrated similar methods to attack non-jailbroken devices before; this malware combines a number of techniques to successfully realise a new brand of threat to all iOS devices”.
To prevent the malware spreading, we recommend users avoid third-party app stores and avoid using USB-based chargers from unknown sources.