The New iOS Malware: WireLurker

iOS Malware: WireLurker
Apple Inc. has always criticized the inability of the Android system to handle and counter malware attacks, and boasted of how effectively iOS anti-malware security prevents malicious attempts to penetrate the system. However, it looks like the tech company might have a serious iOS and OS X security issue on its hands right now, The New York Times reports.

While malware attacks have been possible against jailbroken iOS devices for some time, a new piece of malware has been discovered that can infect even iPhones that have not been jailbroken.

Researchers at Palo Alto Networks discovered the program, called WireLurker, which can be used for many purposes, including spying silently on users. It seems to have already affected hundreds of thousands of users in Asia.

The point of entry seems to be OS X computers: researchers found 467 malicious OS X applications in the unofficial Maiyadi App Store in China, which were downloaded more than 356,000 times in the past six months in the region.

Once on a Mac, WireLurker can infect any iPhone that’s connected via USB to the computer, and install malicious applications.

"WireLurker exhibits complex code structure, multiple component versions, file hiding, code obfuscation and customized encryption to thwart anti-reversing," the researchers wrote.

"WireLurker is capable of stealing a variety of information from the mobile devices it infects and regularly requests updates from the attackers' command and control server. This malware is under active development and its creator’s ultimate goal is not yet clear," they added.

"They are still preparing for an eventual attack," Palo Alto Networks director of threat intelligence Ryan Olson told the Times. "Even though this is the first time this is happening, it demonstrates to a lot of attackers that this is a method that can be used to crack through the hard shell that Apple has built around its iOS devices."

This isn’t the first time Apple has had security problems in China, with the company having fought a complex iCloud phishing attack only a few weeks ago.

More details about WireLurker, and what you can do to limit exposure to it, are available at the source links. Obviously, the first step is staying away from untrusted Mac app stores, as it appears that as long as the malware doesn’t reach your Mac, your iPhone is safe.

"UPDATE:

It appears the WireLurker malware threatening Macs, iPads and iPhones has, for now, been partially neutralized.

Apple told "The Register" it has revoked a previously legit cryptographic certificate the malware was using to sign itself: this certificate tricked iOS devices into trusting and installing WireLurker's malicious apps.

Now the Cupertino giant has marked that certificate as untrustworthy, prompting devices to reject any code hanging off it."