
WireLurker first malware to infect Mac OS X and then iPhones


3 replies to this topic

#1 quietman7


Posted 09 November 2014 - 09:07 AM

...WireLurker, a family of malware targeting both Mac OS and iOS systems for the past six months. We believe that this malware family heralds a new era in malware attacking Apple's desktop and mobile platforms based on the following characteristics:

* Of known malware families distributed through trojanized / repackaged OS X applications, it is the biggest in scale we have ever seen
* It is only the second known malware family that attacks iOS devices through OS X via USB
* It is the first malware to automate generation of malicious iOS applications, through binary file replacement
* It is the first known malware that can infect installed iOS applications similar to a traditional virus
* It is the first in-the-wild malware to install third-party applications on non-jailbroken iOS devices through enterprise provisioning...

WireLurker is capable of stealing a variety of information from the mobile devices it infects and regularly requests updates from the attacker's command and control server.

WireLurker: A New Era in OS X and iOS Malware
WireLurker for Windows
PaloAltoNetworks-BD/WireLurkerDetector

Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#2 jntkwx


Posted 09 November 2014 - 05:09 PM

First of all, Wirelurker is currently not an active threat. Known variants have already been blocked by OS X, and the command-and-control servers are offline as well. This significantly reduces the threat that this malware poses to users. The stolen certificate that enabled this attack has also been revoked by Apple, mitigating the most novel aspect of this threat (pushing apps onto non-jailbroken devices).

Staying Safe from Wirelurker: the Combined Mac/iOS Threat

 


Regards,
Jason

 



#3 Buddyme2


Posted 10 November 2014 - 08:38 AM

Update: Apple has issued a statement to iMore about the issue:

Quote:
"We are aware of malicious software available from a download site aimed at users in China," an Apple spokesperson told iMore, "and we've blocked the identified apps to prevent them from launching. As always, we recommend that users download and install software from trusted sources."

Article Link: Researchers Discover New 'WireLurker' Malware Affecting Macs and iOS Devices in China [Updated]



#4 quietman7


Posted 10 November 2014 - 08:58 AM

... an Apple spokesperson told iMore, "and we've blocked the identified apps to prevent them from launching. As always, we recommend that users download and install software from trusted sources."


Downloading software from untrusted sources is almost a guaranteed way to infect your toys,