First Dedicated iOS Malware Discovered – 350,000 Downloads Already

Rafia Shaikh

Dedicated malware designed to infect iOS or OS X are rarely seen thanks to the closed and secure environment that Apple focuses on. However, things are changing now with a recent development reported by the security researchers who have found a bug which has reportedly affected hundreds of thousands of users already. This is particularly infecting the users who are using Maiyadi App Store - a third-party OS X software resource in China.

Dedicated iOS malware discovered:

Malware and security concerns have usually been associated with Android, however, improved security and avoidance of sideloading apps have kept the user secure. Seems like now it's Apple's turn to get some limelight and work on improving security. This latest bug called Wirelurker was discovered by researchers of Palo Alto Networks. This is the first case of malware attacking a non-jailbroken device which is definitely causing some concerns in users.

iOS malware Wirelurker is transmitted over USB which is the primary reason it has spread through Maiyadi which loads apps on to any iOS device via OS X.

WireLurker monitors any iOS device connected via USB with an infected OS X computer and installs downloaded third-party applications or automatically generated malicious applications onto the device, regardless of whether it is jailbroken. This is the reason we call it “wire lurker”. Researchers have demonstrated similar methods to attack non-jailbroken devices before; however, this malware combines a number of techniques to successfully realize a new brand of threat to all iOS devices.

WireLurker exhibits complex code structure, multiple component versions, file hiding, code obfuscation and customized encryption to thwart anti-reversing. In this whitepaper, we explain how WireLurker is delivered, the details of its malware progression, and specifics on its operation.

Once up on the device, it can turn other programs on the device into malware. The infected apps have been downloaded over 350,000 times; you can detect if your device is infected by using a software released by Palo Alto Networks. Staying safe is fairly easier - just don't use any third party app stores and avoid using USB connections from unknown sources.

Source: Palo Alto Networks, The Verge

Deal of the Day