Users of Apple computers and mobile devices, beware: a new malware
is targeting both platforms, a security vendor warned early Thursday
(PHL time).
Dubbed "WireLurker," the new malware threatens iPhones and iPads connected via USB to infected Macs running OS X.
"We believe that this malware family heralds a new era in malware
attacking Apple’s desktop and mobile platforms ... Of known malware
families distributed through trojanized/repackaged OS X applications, it
is the biggest in scale we have ever seen," PaloAltoNetworks.com said
in a blog post.
WireLurker can steal information from the mobile devices it infects and
can regularly request updates from the attackers' command and control
server.
While WireLurker is the second known malware family to attack iOS devices through OS X via USB, it is the first to automate generation of malicious iOS apps.
It is also the first known malware that "can infect installed iOS applications similar to a traditional virus."
Worse, it is the first malware in the wild to install third-party apps even on non-jailbroken iOS devices.
Infected applications
WireLurker has trojanized 467 OS X applications on the Maiyadi App Store, a third-party Mac application store in China.
The malware monitors iOS devices connected via USB to an infected OS X
computer, then downloads and installs third-party apps or automatically
generated malicious apps onto the iOS device.
It even has "complex code structure, multiple component versions, file
hiding, code obfuscation and customized encryption to thwart
anti-reversing," the firm said.
Anti-virus
Palo Alto recommended that enterprises make sure their mobile device traffic is routed through a threat prevention system.
They should also use an antivirus or security protection product for the Mac OS X system and keep it updated.
OS X users can go to the “Security & Privacy” settings
and make sure “Allow apps downloaded from Mac App Store (or Mac App
Store and identified developers)” is set.
"Do not download and run Mac applications or games from any third-party app
store, download site or other untrusted source," it added.
As for iOS users, it said they should keep their iOS version updated,
and not accept any unknown enterprise provisioning profile.
"Do not pair your iOS device with untrusted or unknown computers or devices," it added.
Also, they should avoid powering iOS devices through chargers from untrusted or unknown sources. — Joel Locsin/JST, GMA News
source: gmanetwork.com