New Malware Targets iOS, OS X - InformationWeek

11/6/2014
10:16 AM

New Malware Targets iOS, OS X

WireLurker infects iPhones and iPads via USB cable when attached to Macs.


Researchers at security company Palo Alto Networks report they've found new malware that targets Apple's iPhone and iPad. The malware, called WireLurker, moves from Mac computers to iPhones and iPads through USB cables. Palo Alto Networks called it "a new era in malware" that represents "a potential threat to businesses, governments, and Apple customers worldwide." Don't freak out just yet.

Palo Alto Networks discovered the malware back in June. It came across the malware in the Maiyadi App Store, which it described as a China-based third-party application store for Apple computers. The researchers found 467 infected apps that were downloaded more than 356,000 times. The impact could be big if Palo Alto Networks' claims are indeed true.

What does WireLurker do? Palo Alto Networks said it is the first known malware family that can infect installed iOS applications similar to traditional viruses. It can install third-party applications on non-jailbroken iOS devices through enterprise provisioning. That's significant. Non-jailbroken phones have long been considered safe from malicious attacks. In fact, WireLurker is able to trick people into thinking it is a legit app when distributed via enterprise networks. Palo Alto Networks said WireLurker is the second-known malware family that attacks iOS devices through OS X and USB, and it is the first that can automatically generate malicious iOS apps through binary file replacement. In other words, it can wreak havoc if it spreads.


"WireLurker is unlike anything we've ever seen in terms of Apple iOS and OS X malware," said Ryan Olson, intelligence director at Palo Alto Networks. "The techniques in use suggest that bad actors are getting more sophisticated when it comes to exploiting some of the world's best-known desktop and mobile platforms. As such, we have provided full protection to Palo Alto Networks customers and published a detailed report so others can assess the risk and take appropriate measures to protect themselves." Apple has not yet commented publicly on the matter.

Palo Alto Networks has compiled a report on WireLurker. It is accessible here, though the report is not free.

Security researchers have offered some basic recommendations, however, that should prevent WireLurker from spreading. For example, they advise people to stay away from third-party app stores and to use only Apple's app store for discovering new desktop applications. Further, make sure your operating systems are up to date, as Apple continually provides patches for them. Don't plug your iPhone or iPad into an untrusted Mac computer. Most importantly, don't accept an unknown enterprise-provisioned app unless you're absolutely sure it's coming from a legit source, or your IT department tells you so.
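For IT teams acting on the last recommendation, one way to tell whether an app's provisioning profile is an enterprise (in-house) one and who issued it. This is an added example, not code from the article or from Palo Alto Networks' report; the key names are those Apple uses in provisioning profiles, while the sample profile, team IDs and the trusted-team allowlist are constructed assumptions, and the signature is not verified.

```python
import plistlib
import re

# Constructed sample: the XML plist payload as found inside an
# embedded.mobileprovision file, wrapped in stand-in bytes for the CMS
# signature envelope. All names and identifiers are made up.
SAMPLE_PROFILE = b"\x30\x82\x1f\x00CMS-HEADER" + b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>Name</key><string>Example In-House Profile</string>
  <key>TeamName</key><string>Example Unknown Co., Ltd.</string>
  <key>TeamIdentifier</key><array><string>ABCDE12345</string></array>
  <key>ProvisionsAllDevices</key><true/>
  <key>Entitlements</key><dict>
    <key>get-task-allow</key><false/>
  </dict>
</dict></plist>""" + b"CMS-TRAILER\x00"

def extract_plist(blob: bytes) -> dict:
    """Pull the XML plist out of the signed container (signature not checked)."""
    match = re.search(rb"<\?xml.*?</plist>", blob, re.DOTALL)
    if match is None:
        raise ValueError("no plist payload found")
    return plistlib.loads(match.group(0))

def classify(profile: dict) -> str:
    """Return the distribution type implied by the profile's keys."""
    if profile.get("ProvisionsAllDevices") is True:
        return "enterprise"  # in-house profile: not tied to a device list
    if "ProvisionedDevices" in profile:
        debug = profile.get("Entitlements", {}).get("get-task-allow", False)
        return "development" if debug else "ad-hoc"
    return "app-store"

def review(blob: bytes, trusted_team_ids: set) -> dict:
    """Summarise a profile and flag enterprise profiles from unknown teams."""
    profile = extract_plist(blob)
    teams = profile.get("TeamIdentifier", [])
    kind = classify(profile)
    return {
        "name": profile.get("Name"),
        "team": profile.get("TeamName"),
        "kind": kind,
        # Flag only enterprise profiles whose team is not on the allowlist.
        "flag": kind == "enterprise" and not set(teams) & trusted_team_ids,
    }

if __name__ == "__main__":
    print(review(SAMPLE_PROFILE, trusted_team_ids={"ZYXWV98765"}))
```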

Malware targeting OS X and iOS is indeed rare and it should be taken seriously if Palo Alto Networks' claims are true. This is something IT will probably need to stay up to speed on.


Eric is a freelance writer for InformationWeek specializing in mobile technologies.

Comments
Susan Fourtané,
User Rank: Author
11/7/2014 | 3:04:38 AM
Re: The worm has turned
Gary,

Not so fast. :D If you have an iOS or OS X device and you stay in the protected Apple AppStore and iTunes there is no risk of getting any malware of any kind.

Now, if you choose to go to a third-party store, which is also based in China, land of the malware, well, let's say that whatever happens to your device is only your fault.

This also sounds to me like one of those campaigns against Apple.

-Susan
veggiedude,
User Rank: Apprentice
11/7/2014 | 12:22:12 AM
Re: The worm has turned
Sounds like your iOS device has to be jailbroken - how else are you gonna download apps from a third party store??
Gary_EL,
User Rank: Ninja
11/6/2014 | 11:46:09 PM
The worm has turned
I've always wondered why no enterprising bunch of (state sponsored?) criminals has ever targeted Apple users before. How many times have I endured the slings and arrows of oh so entitled Apple users, tsk tsking me for using virus-bait Windows machines? Welcome to the real world, my friends.
Susan Fourtané,
User Rank: Author
11/6/2014 | 12:17:54 PM
Suspicious
Eric, -- For a minute I was worried until I read that the infected apps are from a Chinese-based third party App Store. Also, the fact that that report is not made available unless you pay for it is rather suspicious. -Susan