US security firm Palo Alto Networks has discovered one of the largest attacks on non-jailbroken Apple devices, affecting hundreds of thousands of them, mostly in China. The cybersecurity firm has coined the name WireLurker for this new malware, and stated that it monitors devices connected via USB cable to an infected computer and installs toxic applications onto the device, stealing significant amounts of personal information, such as contact lists, from users’ connected devices. The malware creator’s motive is not yet clear. And yes, your Apple devices are no longer as safe as you’d have liked them to be, and obviously they’re no longer “virus-free”.
Palo Alto Networks intelligence director Ryan Olson states that the malware is unlike anything they’ve ever seen, and that it “heralds a new era in malware attacking Apple’s desktop and mobile platforms.” The cybersecurity firm claims that the malware is spreading through applications downloaded from the Maiyadi App Store, a third-party app store in China, from which a total of 467 infected applications were downloaded over 356,000 times in the last six months, leading to the fast spread of the malware. Once WireLurker gets access to a non-jailbroken iPhone, the infected program sideloads a non-malicious comic-book app onto the device.
Palo Alto claims that the malicious program is still in development and is constantly seeking updates from the attacker’s command and control server. The infection is limited to China as of now, but the company suspects that this is just a test and that a heavier attack may hit later. For jailbroken iPhones it’s a different story altogether, as WireLurker rewrites Alibaba’s TaoBao and AliPay apps to steal users’ payment credentials.
Palo Alto is asking people to avoid third-party apps for the moment, and to make sure that security protection is installed on Apple devices and that they are updated to the latest iOS version. The firm also warned enterprises using Mac computers to make sure that mobile device traffic is routed through a threat protection system.
For more information on the malware, check Palo Alto’s report here.