New malware attacks both OS X and iPhones

Status
Not open for further replies.

Petrovic

Apr 25, 2013
5,355
Apple’s good reputation around security has mainly been due to lack of market share and lack of high-value targets, but a new piece of malware may alter that perception. The new malware infects both OS X and iOS and has already potentially compromised hundreds of thousands of devices.

Dubbed WireLurker, this new piece of malware was discovered by researchers after it infected hundreds of Mac OS X applications on the Maiyadi Store, a third-party Mac application store in China.

Through the app store downloads, it would spread to iMacs and MacBooks, where it would wait for a USB connection to an iPhone. Once available, the malware would spread itself onto the phone, where it would either inject a test app or replace certain money transfer apps, depending on whether the iPhone was jailbroken or not. And it does all of this by using Apple’s enterprise app deployment system, designed to allow mass deployment of software without going through the App Store.

The researchers estimate that the infected applications were downloaded over 350,000 times with potentially hundreds of thousands of iPhones being affected.

Of course, you should be at least safer, if not completely safe, as long as you stick to official App Stores, but this event does highlight a new attack vector, one that may be used a lot in the near future if it proves successful.
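The post above notes that the malware installs apps through Apple’s enterprise app deployment system. As an added example (not part of the original post), this Python code reads the `embedded.mobileprovision` profile shipped inside an iOS app bundle and flags enterprise-signed apps from teams that are not on an allowlist. The sample profiles, the `EXAMPLE…` team IDs and the `approved_teams` allowlist are constructed for illustration.

```python
import plistlib

def extract_profile(blob: bytes) -> dict:
    """Return the XML plist carried inside a signed embedded.mobileprovision blob."""
    start = blob.find(b"<?xml")
    end = blob.find(b"</plist>", start)
    if start < 0 or end < 0:
        raise ValueError("no provisioning plist found")
    return plistlib.loads(blob[start:end + len(b"</plist>")])

def classify(profile: dict) -> str:
    """Map provisioning-profile keys to the channel the app was distributed through."""
    if profile.get("ProvisionsAllDevices") is True:
        return "enterprise"  # in-house profile: installable on any device, no App Store review
    if profile.get("ProvisionedDevices"):  # explicit device UDID list
        debug = profile.get("Entitlements", {}).get("get-task-allow", False)
        return "development" if debug else "ad-hoc"
    return "app-store"

def triage(blob: bytes, approved_teams: set) -> dict:
    """Flag enterprise-signed apps whose team is not on the organisation's allowlist."""
    profile = extract_profile(blob)
    kind = classify(profile)
    teams = set(profile.get("TeamIdentifier", []))
    return {"name": profile.get("Name"), "teams": sorted(teams), "kind": kind,
            "flag": kind == "enterprise" and not (teams & approved_teams)}

def _wrap(**keys) -> bytes:
    """Constructed input: a plist between placeholder bytes standing in for the CMS envelope."""
    return b"\x30\x82\x00\x00" + plistlib.dumps(keys) + b"\x00\x00"

SAMPLE_ENTERPRISE = _wrap(Name="Constructed In-House Profile",
                          TeamIdentifier=["EXAMPLE0001"], ProvisionsAllDevices=True)
SAMPLE_ADHOC = _wrap(Name="Constructed Ad Hoc Profile", TeamIdentifier=["EXAMPLE0002"],
                     ProvisionedDevices=["0" * 40], Entitlements={"get-task-allow": False})

if __name__ == "__main__":
    for blob in (SAMPLE_ENTERPRISE, SAMPLE_ADHOC):
        print(triage(blob, approved_teams={"EXAMPLE0002"}))
```

The code reads the plist without verifying the profile's signature, so treat the result as a triage signal rather than proof of who signed the app.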
 

Adhit Prakosho

Sep 14, 2014
929
The way WireLurker works is that it moves to infect Mac machines by standard infection vectors. Then it waits for the user to plug their iOS device into their Mac’s USB port. Once that happens, WireLurker begins installing malicious applications on the iOS device. In particular, it seeks out three popular apps — the Chinese varieties of eBay, PayPal and a popular photo editor. It then uninstalls the legitimate version of those apps and replaces them with malicious ones.

Kaspersky Lab products detect and block this threat as Trojan-Downloader.OSX.WireLurker.a

  1. Run an antivirus product and keep it updated.
  2. Check out your OS X “system preferences” then “security and privacy” and set it up so that you only allow downloads from the App Store and identified developers (see short video below).
  3. On that note: don’t download apps from third-party marketplaces.
  4. Keep iOS and OS X updated.
  5. Be careful about charging your iOS device by plugging it into computers other than your own.


Source
 