November 6, 2014

WireLurker: A Revolutionary Malware Targeting Apple iOS Devices

Claud Xiao from Unit 42 at Palo Alto Networks released a report on WireLurker, a new type of malware targeting Apple mobile devices (iPhone, iPad). As the accompanying press release points out, this malware is truly unique; the report states that it “heralds a new era in malware across Apple’s desktop and mobile platforms.”

Here are some of the reasons WireLurker stands out:

  • Of known malware families distributed through trojanized / repackaged OS X applications, [it is] the biggest in scale we have ever seen
  • Only the second known malware family that attacks iOS devices through OS X via USB
  • First malware to automate generation of malicious iOS applications, through binary file replacement
  • First known malware that can infect installed iOS applications similar to a traditional virus
  • First in-the-wild malware to install third-party applications on non-jailbroken iOS devices through enterprise provisioning

The list itself is rather impressive. WireLurker spreads via infected (trojanized) apps on the Maiyadi App Store, a Chinese third-party OS X application store, where 467 applications were found to be infected. These were in turn downloaded over 356,104 times and affected hundreds of thousands of users. “People often think Apple devices are impenetrable and don’t take many precautions, if any, when downloading apps,” warns Ondrej Krehel, the Managing Director of LIFARS. “This malware exploits that way of thinking. Always know your source,” he adds.

How can you protect yourself against WireLurker?

  • Do not download apps from any third-party stores or websites
  • Keep the iOS version on your device up to date
  • Do not pair or connect your device with any untrusted or unknown computers or devices (this is how it spreads)
  • Do not use unknown accessories with your device (for example a non-Apple or non-brand name charger)
  • Avoid jailbreaking your device. If you have a jailbroken device, use only credible and trusted sources on Cydia

For more detailed information, make sure to read the complete report here.


About the author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high-profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagement experience while providing a strategic and integrated array of services to minimize risk and disruption while protecting your brand.
