Apple devices infected with "WireLurker" Malware in China
Palo Alto Networks Inc has recently discovered new malware that can attack and infect Apple's devices and its OS.
The malware, "WireLurker", is able to install third-party applications on non-jailbroken iOS devices and spreads from infected Macs to iPhones through USB cables, said Ryan Olson, intelligence director for the company's Unit 42 division.
The attackers were known to be Chinese, and the malware originated from Chinese apps, with most affected users being in China.
The malware spread when infected apps were downloaded from an app store onto Mac computers, which then spread it to iPhones. More than 400 apps have been infected, and they have been downloaded over 350,000 times.
Apple is aware of the situation and has blocked infected apps from launching. An Apple spokesman asked users to download and install software from trusted sources.
The motive of the attack is still unknown, and there is no evidence that the attackers have hacked into any sensitive information.
Once "WireLurker" gets into your iPhone, it can then infect other apps on the device too. This is the first time that Apple has seen anything like this.
Palo Alto Networks has some tips to protect your Apple devices from WireLurker:
- Use an antivirus or security protection product for your Mac OS X system and keep its signatures up to date.
- In the OS X System Preferences panel under “Security & Privacy,” ensure “Allow apps downloaded from Mac App Store (or Mac App Store and identified developers)” is set.
- Don't download and run Mac applications or games from any third-party app store, download site or other untrusted source.
- Keep the iOS version on your mobile device up to date.
- Don't connect your iOS device to untrusted or unknown computers, accessories or devices, including chargers.
- Don't jailbreak your iOS device; if you do jailbreak it, only use credible Cydia community sources and avoid the use or storage of sensitive personal information on that device.
- Don't accept software distributed via an "enterprise provisioning profile" unless your IT corporate help desk or other trusted party explicitly instructs you to do so.
- Businesses should route mobile device traffic through a threat prevention system using a mobile security application.