WireLurker Malware Puts Over 800 Million Apple Devices in Danger
Espionage malware called WireLurker that targets Apple products has been uncovered. Unlike most other iPhone bugs, it is able to compromise tablets and smartphones running non-jailbroken versions of iOS, which puts over 800 million of those devices at great risk.
Apple's operating systems, which many consider safer than Android or Windows, have lately been the target of an increasing number of attack vectors. WireLurker is a multi-pronged threat: it first infects a Mac's OS X operating system via compromised applications, and from that point it can infect any mobile device, such as an iPhone or iPad, that is connected to the computer via USB, notably whether or not the device is jailbroken.
Palo Alto Networks' researchers revealed the bug, which has already affected hundreds of thousands of users based in Asia. The firm found more than 467 trojanized, malware-laden OS X applications in China's unofficial Maiyadi App Store. Those applications were downloaded well over 357,000 times in just the last six months.
Although the statistics show that it is currently most widespread in China, there is no guarantee that it will not spread to other markets. Because infected devices regularly request updates from the attacker's command and control server, new applications or features can be installed at any given time.
The researchers wrote in their 30-page report that “this malware is still under active development and its creator’s true goal is not yet revealed or clear. The true purpose of the WireLurker attacks is not outright clear. Its infrastructure and functionality allow the attacker to gather substantial amounts of information from a large number of Mac OS and Chinese iOS systems, however none of the information indicates a particular reason.” Researchers anticipate that WireLurker has yet to reveal its full functionality.
Currently, WireLurker shows not only a complex code structure but also file hiding, code obfuscation, multiple different component versions and customized encryption to thwart anti-reversing. “WireLurker has an astonishing capability to snatch a variety of information from infected mobile devices and frequently request an update from the attacker’s command and control server,” said Palo Alto.
A few facts make WireLurker more notable than other malware. The firm says that, of all known malware families distributed via trojanized and repackaged OS X applications, this one is the biggest in scale to date. It is also only the second malware family to attack iOS mobile devices through OS X via a USB connection, and above all the first malware able to install third-party applications on non-jailbroken iOS devices via enterprise provisioning.
WireLurker also automates the generation of malicious iOS apps through binary file replacement. It monitors whether any iOS device is connected via USB to an OS X computer and, if one is found, installs downloaded third-party apps and/or automatically generated malicious applications on the device, whether or not the device is jailbroken.
Palo Alto has warned that “researchers have demonstrated similar methods of attacking non-jailbroken devices before, but WireLurker combines a variety of techniques to swimmingly realize a new species of threat to all Apple’s iOS devices.”
As soon as WireLurker is found on any OS X computer, Palo Alto recommends deleting all of the respective files and removing the applications that are reported by the script. The firm also recommends inspecting all iOS devices that were in contact with that computer.
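One check that helps when inspecting such devices, shown here as an added example that is not Palo Alto's script and not part of the original article: apps installed through enterprise provisioning carry an embedded.mobileprovision profile whose ProvisionsAllDevices key is true. The sketch below assumes the profile bytes have already been copied off the app bundle; the sample profile, the team names and the known_teams allowlist are constructed for illustration.

```python
import plistlib

# Constructed sample: a provisioning profile is a signed binary blob with an
# XML plist embedded in it. The filler bytes stand in for the signature data.
SAMPLE_PROFILE = (
    b"\x30\x82\x0a\x00FILLER-HEADER"
    b'<?xml version="1.0" encoding="UTF-8"?>\n'
    b'<plist version="1.0"><dict>'
    b"<key>Name</key><string>Example In-House Profile</string>"
    b"<key>TeamName</key><string>Example Corp (constructed)</string>"
    b"<key>ProvisionsAllDevices</key><true/>"
    b"<key>ExpirationDate</key><date>2015-06-01T00:00:00Z</date>"
    b"</dict></plist>"
    b"FILLER-SIGNATURE\x00\x01"
)


def extract_plist(blob):
    """Return the plist dict embedded in a provisioning profile blob."""
    start = blob.find(b"<?xml")
    end = blob.find(b"</plist>", start) if start >= 0 else -1
    if start < 0 or end < 0:
        raise ValueError("no embedded plist found")
    return plistlib.loads(blob[start:end + len(b"</plist>")])


def classify_profile(blob, known_teams=()):
    """Flag enterprise (in-house) profiles signed by teams not on the allowlist.

    known_teams is a hypothetical allowlist of the organisation's own
    developer team names; anything else that provisions all devices
    deserves a manual look.
    """
    profile = extract_plist(blob)
    enterprise = bool(profile.get("ProvisionsAllDevices", False))
    team = profile.get("TeamName", "")
    return {
        "name": profile.get("Name", ""),
        "team": team,
        "enterprise": enterprise,
        "expires": profile.get("ExpirationDate"),
        "review": enterprise and team not in known_teams,
    }


if __name__ == "__main__":
    print(classify_profile(SAMPLE_PROFILE))
```

A profile marked for review is not proof of infection; it only identifies apps that arrived outside the App Store and whose signer the organisation does not recognise.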