Apple and the users of its products have always had at least one key piece of statistics in their favor: the negligible proportion of malware susceptible to attack the iOS and OS X platforms. In a stark contrast to this, Android and Windows operating systems have received a bad rap for being prone to fall victim to the viruses, malware and exceedingly intricate security concerns. But the latest malware in town, WireLurker, would like to have a word with the iFans.
The reason behind WireLurker gaining quick notoriety are twofold: not only does it target Apple’s platforms — both the mobile and desktop, but it can also allegedly target devices which are not jailbroken. According to a cautious estimate, hundreds of thousands of users may already have fallen prey to WireLurker.
According to the cyber-security firm PaloAlto Networks which did the original research on the family of malware, the WireLurker has been targeting Mac and iOS devices for the past six months now. The malware itself primarily infects Mac devices when a Mac app containing the malware is downloaded from an unofficial source, and is then transferred to any iOS device that is connected to the system via USB.
WireLurker is unique compared to other Mac or iOS malware because of several characteristics. It is only the second known malware which attacks iOS devices via USB, it has the ability to automate the generation of malicious iOS app files, and it can also affect the apps already installed on the iOS device. While the malware isn’t showing any signs of serious damage right now, the way it can communicate with C2 (Command and Control) servers to download data and replicate itself are extremely worrisome signs which could lead to serious security concerns in the future.
PaloAlto Networks has compiled a generic guideline for iOS and Mac users following which they can minimize the risk of exposure of their devices to WireLurker:
Update (07/11/2014 – 10:07 PM): Apple has released an official statement explaining that the threat posed by the malware has been neutralised:
“We are aware of malicious software available from a download site aimed at users in China, and we’ve blocked the identified apps to prevent them from launching. As always, we recommend that users download and install software from trusted sources,” stated an Apple spokesperson.
–Sources: ITProPortal, Rappler, PaloAlto Networks, ExtremeTech
The Secretary of the Sukkur IBA Testing Agency has formally requested urgent action from the…
The Pakistan Software Export Board (PSEB) has launched a nationwide program to encourage IT startups…
A significant issue with Google Play Services has left many Pixel users unable to access…
When it comes to Android messaging apps, WhatsApp stands out as one of the best.…
Farrukh H. Sabzwari has been appointed Chief Executive Officer (CEO) of Pakistan Stock Exchange Company…
RAWALPINDI: The chairman of the Punjab Education Foundation, Malik Shoaib Awan, stated on Monday that…
Leave a Comment