Today we published a new research paper on WireLurker, a family of malware targeting both Mac OS and iOS systems for the past six months.
We believe that this malware family heralds a new era in malware attacking Apple’s desktop and mobile platforms based on the following characteristics:
Of known malware families distributed through trojanized / repackaged OS X applications, it is the biggest in scale we have ever seen
It is only the second known malware family that attacks iOS devices through OS X via USB
It is the first malware to automate generation of malicious iOS applications, through binary file replacement
It is the first known malware that can infect installed iOS applications similar to a traditional virus
It is the first in-the-wild malware to install third-party applications on non-jailbroken iOS devices through enterprise provisioning
WireLurker was used to trojanize 467 OS X applications on the Maiyadi App Store, a third-party Mac application store in China. In the past six months, these 467 infected applications were downloaded over 356,104 times and may have impacted hundreds of thousands of users.