Photo (cc) by Ryan Tir
Hackers are finding new ways to infect Apple products.
A new malware dubbed WireLurker was recently discovered by Palo Alto Networks, a Silicon-Valley-based security company. Code for the malicious WireLurker was found hidden within 467 OS X applications in China’s Maiyadi App Store.
“Once installed, [WireLurker] waits until consumers connect an iPhone or iPad and then steals data stored on the device,” The Wall Street Journal said.
Palo Alto Networks said more than 350,000 Chinese Apple users could be affected.
According to The New York Times, WireLurker is a new type of malware threat because it installs itself on an Apple device whether it’s “jailbroken” or not. It can infect an iPhone like a virus infects a computer.
Typically, iOS users can download applications from third parties only if they have “jailbroken” their phones, or altered them to run software Apple has not authorized. With WireLurker, an infected application can reach a non-jailbroken phone from an infected Mac OS X system, which is why Palo Alto Network researchers say WireLurker represents a “new brand of threat to all iOS devices.”
Apple was quick to respond to the threat, which was revealed Wednesday. On Thursday, Apple blocked the malware from being able to spy on Chinese Apple users, the WSJ said.
“We are aware of malicious software available from a download site aimed at users in China, and we’ve blocked the identified apps to prevent them from launching,” Apple said in a written statement.
Although this malware attack is limited to China, it doesn’t mean something similar couldn’t happen to Apple devices elsewhere, including the U.S.
“Even though this is the first time this is happening, it demonstrates to a lot of attackers that this is a method that can be used to crack through the hard shell that Apple has built around its iOS devices,” Ryan Olson, director of Palo Alto Network’s threat intelligence, told the Times.
To protect your Apple devices from malware like WireLurker, Apple recommends that users download apps only from “trusted sources” like the Mac App Store, AppleInsider said. Apple also suggests keeping iOS software updated and only connecting your iOS device to trusted computers and accessories.
What do you think about the latest Apple-focused malware attack? Share your comments below or on our Facebook page.