iPhone 6 space gray Touch ID

Security researchers at Palo Alto Networks say they’ve uncovered a new malware campaign targeting Macs and iOS that is the “biggest in scale” it has ever seen. Dubbed WireLurker, the malware has infected more than 400 apps in the Maiyadi App Store, a third-party Mac app store in China.

In the last six months, researchers say 467 infected applications have been downloaded 356,104 times, and “may have impacted hundreds of thousands of users.” The scary part is, the malware can be transmitted to a connected iOS device via USB, regardless of whether or not it’s jailbroken.

“WireLurker monitors any iOS device connected via USB with an infected OS X computer and installs downloaded third-party applications or automatically generated malicious apps onto the device, regardless of whether it is jailbroken. This is the reason we call it wire lurker,” researchers said.

Once WireLurker is installed on a Mac, the malware listens for a USB connection to an iOS device, and immediately infects it. From there, it is capable of collecting information such as contacts and iMessages, as well as receiving updates. It’s unclear at this point what the “ultimate goal” is here.

Palo Alto Networks recommends that users avoid downloading Mac apps and games from third-party app stores, websites and other untrusted sources. It also suggests that users avoid pairing their iOS devices with unknown computers, or charging with charges from unknown/untrusted sources.

While we have seen a handful of instances of iOS malware in recent months, this is one of the first we’ve seen infecting non-jailbroken devices.

[Palo Alto Networks via The New York Times]

  • Frank Anthony

    Okay. This is what i said about the Chinese before… Now they go again! Dudes can’t stop.! Why not target NSA and Whitehouse? Leave Mac and iOS Users alone.. Geez 🙁

    • Exstinction

      because NSA and Whitehouse mostly use Mac too

      • Tyler Smith

        bingo….

  • M L

    So don’t download anything that is not in the app or mac store. LOL….ummm that makes logical sense.

    • Chris

      In their world it makes sense to download these apps as they have full support for their local language while main stream apps in Apple’s app store don’t share the same support unless the developers spends the time on it and these days they are few and far between.

      • Niclas

        Most apps in these Chinese 3:rd party app store’s are pirated apps. Not “home made”.
        Apple’s App Store has perfect support for Chinese, so do many of the apps therein. Many apps are even Chinese only.

  • Chris

    That app store must have some convincing app descriptions if hundreds of thousands of devices have been infected.

    • Social engineering is the top security threat nowadays, and the only way to eliminate it on any platform is to find a cure for the PEBCAK malware.

      • Chris

        I don’t think there will ever be a cure for that, everyday someone more stupid than the last person will become a victim and wonder how and why, it’s a never ending process.

      • SoylentGreen

        Since the first days of sub7 when you could just scan any given range of ip’s and find comps with 32 clients hanging out 1 server with no pass, alot of the vics were pwned bcos of the PEBKAC effect, most insecure servers were neeks trying to ‘hack’ people but had left themselves wide open. Even today i fired up wifite and out of 22 hotspots, none are inaccessable & one is WEP!
        Massive use of social engineering always, atleast 10 yr ago i seen the first ‘hacker’ movie, the one that is realistic & an actual story about k.mitnick & his buddy & he was calling ‘colleagues’ to say he was ‘the guy’ & needed a temp pass to admin a full telecoms co. Even today ‘social engineering’ is massively overlooked as the weakest link even during security audits.
        So i guess there will always be peeps that are dumbed down via one of the plethora of methods they do this with, such as adding fluoride to the water supply & various foodstuffs to reduce IQ making them perfect candidates for manipulation.

      • Very informative, thanks. Is the K. Mitnick movie called Takedown (from year 2000)? I’m interested in watching it.

      • Niclas

        It is ignorant to blame users, everyone are not experts in everything and they shouldn’t have to be either.
        As everywhere regarding security, engineers and developers have a huge responsibility.

      • Right, so ’cause of the few that refuse to think b4 they click, restrict the entire OS to the point that it’s like iOS…then what do you have, users complaining of the lack of flexibility/versatility.

        By default Mac OS X restricts you to the Mac AppStore, but gives the option to install from third party sources. When a user dears to use the flexibility of installing from third party sources, they should take the responsibility of thinking b4 they click.

  • Merman123

    Thumbnails make it seem as if it were related to TouchID.

    • SoylentGreen

      The world is not skeuomorphic bruv lol

  • yungcinnabun

    At least it affects non jailbroken phones so now no one can complain sayin “this is why I dont jailbreak “

    • Yermum

      And you just know those wankers are looking for places to mouth off ignorantly like this. Dumbasses.

    • Chris

      I’ve already seen comments such as that on sites such as The Verge, apparently ignorance is the new truth.

  • Bugs Bunnay

    this is the first infecting non jailbroken devices? or non jailbroken devices with third party app stores? basically an app with bugs of it’s own. aint no surprise here. don’t use third party app stores. also you can’t be serious when you said “it’s unclear what the ultimate goal” of a malware is. I really hope you’re joking.

  • Jonathan

    Proud citizen of the United States. 😛

    • Alex

      This affects us too, you know.

      • Матт Реякіпѕ

        Actually you’re wrong. This is from third party App Stores from China. Good luck using a third party app store in the US without jailbreaking because it won’t happen.

      • Hyr3m

        Yeah yeah… we all know Apple doesn’t respect anti-trust laws. That’s not really something to be proud of though.

      • Alex

        Actually I’m right, because we have 3rd party app sites here in the US. Illegal, but we have them. It’s not such a leap to say that many of those apps, torrents, so on, haven’t been infected as well.

        Read the article. This is about MAC OS apps infecting iOS devices when connected to USB.

        FYI, this isn’t the first time this has happened and many apps of this nature in the past have been infected with other malware before.

    • Tyler Smith

      That comment was bad and you should feel bad.

  • But, but, Macs don’t get viruses…

    • n0ahcruz3

      Hahahaha i remember that

      • It’s still being used in retail stores today as a sales tatic for Macs, unfortunately.

    • boyz_scoot

      a new malware not viruses….

      • Virus is a type of malware, people just generalized to calling malware virus. Viruses haven’t been affecting most Windows computers since Vista was unveiled, it was malware like Adware and other social engineering scams, yet you’d still be reading all over the internet “Windows is a virus haven”.

      • boyz_scoot

        thanks for the information

      • Alex

        But malware doesn’t maliciously damage/detroy data, but rather collect and transmit it, whereas a virus typically does. Or am I wrong here? I have never heard of any mainstream malware doing damage, whereas I have of several virus’s.

      • That’s right.

    • Carlos Gomes

      Dude don’t you have a job or something?
      You’re here all the time and always with the same sole purpose.
      God.

      • Матт Реякіпѕ

        No he doesn’t. He has a cheap Android phone and to him attacking apple makes him feel less poor. Prolly bought his phone with his welfare check.

      • Haha, lots of butt hurt assumptions…iDiot.

      • wackyrrific

        haha whata garbage of human, you deserve a electroshock mr my D

      • @dongiuj

        IF he has an android phone then how do you know it’s cheap? It might be an expensive one. I know that my galaxy was pretty much the same price as my iPhone. And what makes you think he doesn’t have an apple product? Because he “attacks” apple? I know you didn’t say he doesn’t have an apple product but the way you’re sounding is like you’re saying he doesn’t have one. Like I mentioned above, I have both samsung AND apple devices but I’ll never be pro-any tech company. I think you’ll find (if you can be bothered to read ALL his comments) that he has said positive things about apple products too. So….. SHUSH!

      • SoylentGreen

        You must take your face to the lavatory and wipe your mouth, your spouting verbal dihorrea, that guy is actually one of the more informed people that come here, lol its funny because you are a blatant obvious ‘Kool-Aid Drinker’ & he knows the truths, you beleive mainstream media with no questions asked and i bet you read or watch ‘the news’ and even discuss things in ‘the news’ with your mates like you all know the ‘facts’ when it maybe a full false flag news item.
        Libertarians are taking over brother so you would be wise to swat up, if for no other reason than self preservation.
        Ps. In your world is their any beleif that the ‘incident’ at sandy hook may have been staged?

      • Always the same immense butt hurt reply coming from you…so deep in love with a company that it hurts your feelings when their lies are exposed. Tell me you have shares in Apple, ’cause that’s the only non-iSheep reasoning behind such attitude.

      • Carlos Gomes

        What attitude?
        Calling on you for bitching about something in every single article on a blog dedicated to a brand that you don’t seem to like?

      • Nope, the attitude of getting butt hurt when I post something criticising Apple, then replying with cries instead of giving a reason of what makes my criticism invalid.

        I like Apple, I’ve been using their SmartPhone (with jailbreak) for the past 5 years (never owned any Android phone). I also like competition, and would criticize Apple whenever they lag behind competition yet charge the same price.

      • wackyrrific

        you need urgent a electroshock

      • @dongiuj

        If you know he’s here all the time, that probably means that you’re here all the time. If your excuse is “oh but I just see his name a lot” then that means you must be checking a lot of the articles which means you are spending a lot of time looking through the comments section of all the articles meaning you are here all the the time too or spending longer time for shorter periods compared to shorter time for longer periods. Either way, “all the time”. Well done!

      • Carlos Gomes

        By “here all the time” I was talking about “here”, the comment section.
        Could have been better phrased, yeah. But thank you!

      • RarestName

        #REKT

  • And this, ladies and gentlemen, is why you do not use third-party App Stores.

  • Dao Sasone

    Another move by apple to get more $ in their pockets.

    • Chris

      I don’t see how they would make money off people being tricked into installing malware.

      • Dao Sasone

        Scaring people not to purchase any 3rd party apps. Leaving them with no choice but to use appstore. Apple already lost their credibility when Icloud got hack. Proves their no such thing as secure. Yet they decides to come out with apple pay and decides to mass supply china with their idevices knowing what how capable the Chinese people are. I think they just need someone to blame.

      • Carlos Gomes

        You are right.
        Considering that one of Apple’s selling points for OSX is the security, making their operative system sound vulnerable is a really brilliant idea.

        /s

      • Chris

        I’m still not following how Apple fit into this, they aren’t forcing you to do anything, this malware requires the user to accept an enterprise certificate that isn’t signed by Apple, if they wish not to download apps from the official store then that’s their choice.

        Apple already lost their credibility when Icloud got hack. Proves their no such thing as secure.

        Let’s clarify one thing, iCloud was never hacked, social engineering and careful targeted attacks were used to gain access to user accounts, it wasn’t a fault in Apple’s security but a lack of knowledge by the end user on security.

        Yet they decides to come out with apple pay and decides to mass supply china with their idevices knowing what how capable the Chinese people are.

        Like they have each and every year, you don’t need an iDevice in China to be the victim of malware either.

        I think they just need someone to blame.

        Blame those taking advantage of vulnerable users by using a self-signed enterprise certificate, Apple can’t be blamed for a perfectly valid action within iOS.

    • Uhm, you make no sense…this is more damaging to Apple’s image of “virus free OS”, so, not sure how that will be making $ for them. It’ll more likely make some people regret buying Macs.

      • Alex

        Let’s see. 1 recent malware in how many months. How many recent virus’s have infected Windows computers in the same timeframe… 100’s? Do we still need antivirus software? It also seems that this doesn’t affect you unless you are using potentially illegal third party sites on your MAC and downloading the apps and then running them, does it not? I would certainly love to see one of those old style Apple commercials with the MAC and PC guy and the MAC guy and use an analogy like, let’s say, the MAC guy has a disinfectant bottle to get rid of 1 or two ants, while the PC guy has the entire Orkin team with boxes of buy spray to get rid of an infestation of roaches.

      • Let’s see, Mac OS X is still hovering around 7% of world-wide usage for the past 7 years, while Windows is 1300% higher than that at 91% of world-wide usage. Isn’t it obvious enough that most criminals would be targeting Windows? The amount of malware is proportional to the world-wide PC market share.

      • wackyrrific

        are you on drugs

      • Is your head stuck where the sun don’t shine?

      • wackyrrific

        do you consider yourself normal. i dont think so mr.retard

      • I sure won’t want to be what you consider to be “normal”, that’ll require becoming a mindless zombie like you…

      • wackyrrific

        mr electroshock

      • wackyrrific

        mr retardo

  • QP

    Sorry and forgive my ignorance but where else could i download an app if not from the appstore?

    • @dongiuj

      China…

  • Ali Ghanem

    Apple! Y U NO CLOSE DAT SECURITY HOLE!

    • justme

      may they knew it before us and that’s because apple fot the first time ever launch a iOS X.X.1 to the developers (we know; it kills JB)but may be patch this malware too, who knows.

  • Diego

    Nothing to worry. Just from people on Chine, for the rest of the world, we are cool