Skip to main content

WireLurker attacks Apple products, leaves iPhones and iPads open to attack

A security firm has just published a paper on new OS X and iOS malware dubbed WireLurker which threatens Apple devices - your iPad, iPhone and Mac computer. Indeed, Palo Alto Networks called the family of malware, a "new era" in threats targeted at Apple.

The company noted that the malware attacks a user's iOS device via the USB connection from their Mac OS X computer, and it's only the second malware family that does so. It's also the biggest scale threat the company has discovered which proliferates itself via repackaged OS X apps.

WireLurker installs third-party apps on Apple iOS devices

Palo Alto Networks described how the malware functions thusly: It infects an OS X machine and then monitors for any iOS device being connected via USB, and it then installs third-party apps or "automatically generated" malicious apps onto the iDevice – regardless of whether it's jailbroken or not.

While similar threats to non-jailbroken Apple devices have been demonstrated previously, this malware is particularly dangerous due to its sophistication. The security firm warned: "WireLurker exhibits complex code structure, multiple component versions, file hiding, code obfuscation and customised encryption to thwart anti-reversing."

Related: Why malware is on the rise, and Trojans are your biggest threat (opens in new tab)

Thus far, WireLurker has trojanised some 467 OS X apps on the Maiyadi App Store, which is a third-party app store for the Mac in China – so predictably enough, it's those who frequent off-the-beaten-track app outlets who are at risk. The malware has been active for the past six months, apparently.

While it's just a Chinese problem right now, it's a definite warning that this sort of thing is likely to be on the way worldwide. Apple users are a particularly tempting target given that Macs and iOS devices are commonly thought of as so secure that users don't really need to worry much about any precautions. Palo Alto Networks provides advice to help combat this malware on its blog post here (opens in new tab), but all the usual nuggets pertain: Keep your devices up to date, use antivirus on your Mac, and enterprises are advised to route mobile traffic through a threat prevention system.

It has to be said, though, that the main point is, once again: Don't tangle with third-party app stores.

Related: Almost one in ten Android apps infected by malware (opens in new tab)

Darren Allan

Darran has over 25 years of experience in digital and magazine publishing as a writer and editor. He's also an author, having co-written a novel published by Little, Brown (Hachette UK). He currently writes news, features and buying guides for TechRadar, and occasionally other Future websites such as T3 or Creative Bloq and he's a copy editor for TechRadar Pro. Darrran has written for a large number of tech and gaming websites/magazines in the past, including Web User and ComputerActive. He has also worked at IDG Media, having been the Editor of PC Games Solutions and the Deputy Editor of PC Home.