Jump to content
Sign in to follow this  
Followers 0

WireLurker: A New Era in OS X and iOS Malware


Allan
  • Today we published a new research paper on WireLurker, a family of malware targeting both Mac OS and iOS systems for the past six months.

We believe that this malware family heralds a new era in malware attacking Apple’s desktop and mobile platforms based on the following characteristics:

  • Of known malware families distributed through trojanized / repackaged OS X applications, it is the biggest in scale we have ever seen
  • It is only the second known malware family that attacks iOS devices through OS X via USB
  • It is the first malware to automate generation of malicious iOS applications, through binary file replacement
  • It is the first known malware that can infect installed iOS applications similar to a traditional virus
  • It is the first in-the-wild malware to install third-party applications on non-jailbroken iOS devices through enterprise provisioning

WireLurker was used to trojanize 467 OS X applications on the Maiyadi App Store, a third-party Mac application store in China. In the past six months, these 467 infected applications were downloaded over 356,104 times and may have impacted hundreds of thousands of users.

Sign in to follow this  
Followers 0


User Feedback

Recommended Comments

834ba620ac7c9b84543c859e47247be1.png

We believe that this malware family heralds a new era in malware attacking Apple’s desktop and mobile platforms based on the following characteristics:

  • Of known malware families distributed through trojanized / repackaged OS X applications, it is the biggest in scale we have ever seen
  • It is only the second known malware family that attacks iOS devices through OS X via USB
  • It is the first malware to automate generation of malicious iOS applications, through binary file replacement
  • It is the first known malware that can infect installed iOS applications similar to a traditional virus
  • It is the first in-the-wild malware to install third-party applications on non-jailbroken iOS devices through enterprise provisioning
WireLurker was used to trojanize 467 OS X applications on the Maiyadi App Store, a third-party Mac application store in China. In the past six months, these 467 infected applications were downloaded over 356,104 times and may have impacted hundreds of thousands of users.

 

Click here to view the article

 

Way to stop it?

Thanks

Share this comment


Link to comment
Share on other sites

This malware is under active development and its creator’s ultimate goal is not yet clear.

 

Paloaltonteworks recommends:

 

We recommend users take the following actions to mitigate the threat from WireLurker and similar threats:

  • Enterprises should assure their mobile device traffic is routed through a threat prevention system using a mobile security application like GlobalProtect
  • Employ an antivirus or security protection product for the Mac OS X system and keep its signatures up-to-date
  • In the OS X System Preferences panel under “Security & Privacy,” ensure “Allow apps downloaded from Mac App Store (or Mac App Store and identified developers)” is set
  • Do not download and run Mac applications or games from any third-party app store, download site or other untrusted source
  • Keep the iOS version on your device up-to-date
  • Do not accept any unknown enterprise provisioning profile unless an authorized, trusted party (e.g. your IT corporate help desk) explicitly instructs you to do so
  • Do not pair your iOS device with untrusted or unknown computers or devices
  • Avoid powering your iOS device through chargers from untrusted or unknown sources
  • Similarly, avoid connecting iOS devices with untrusted or unknown accessories or computers (Mac or PC)
  • Do not jailbreak your iOS device; If you do jailbreak it, only use credible Cydia community sources and avoid the use or storage of sensitive personal information on that device

Share this comment


Link to comment
Share on other sites

Or better yet to be safe unplug all hackintosh's :P:lol: .

i try now... :w00t: Unplug everything..And look :thumbsup_anim: One dead Hackintosh..... :(

Next step is? :D

Hacker's are ahead of us.At least we can not lift an a.

Here we've gathered the best.

And help all :P.

And sorry..maybe my English is too Bad :rolleyes:

Share this comment


Link to comment
Share on other sites

I have infected this malware from Maiyadi(means Malt Field),I don't remember which app cause this.Now Maiyadi responsible people is arrest by beijing police.So this malware will be end.

Share this comment


Link to comment
Share on other sites

It doesn't matter, the government already knows who you are!

 

Just keep your private stuff on a different computer which has nothing more as the system install and the regular software for browsing, mailing and bankaccounts.

 

I use an older mac for that kind of business. 

Share this comment


Link to comment
Share on other sites

Jokes on them. My Hackintosh freezes when I plug any USB device ahahhahahhaha !!!11!!!one!!

/joke

Even better for me, if I even plug in the power cord I get a Kernel Panic :P:hysterical::D .

Share this comment


Link to comment
Share on other sites

×