iphone 6 plus usb

Apple released a statement today saying that it is aware of the newly discovered WireLurker malware that targets Macs and iOS devices, and it has taken action. “We’ve blocked the identified apps to prevent them from launching,” a spokesman for the company told the Wall Street Journal.

Yesterday security researchers at Palo Alto Networks published a report saying they had discovered a new malware targeting Macs and iOS that is the “biggest in scale” it has ever seen. They named the malware “WireLurker” for its ability to jump from infected Macs to iOS devices over USB.

The bug itself is pretty interesting, as it sits on a Mac and listens for iOS devices connecting via USB. Once one has connected, it has the ability to install potentially malicious third-party applications on the device, regardless of whether or not it is jailbroken—making it one of the first of its kind.

Researchers say 467 infected apps have been downloaded over 350,000 times in the last 6 months, impacting “hundreds of thousands of users.” The issue has thus far been mostly contained to the Maiyadi App Store, a third-party Mac app store in China that offers pirated games and software.

While many publications have dubbed WireLurker “a new brand of threat,” it seems that the majority of users have nothing to worry about. It’s contained, Apple is aware of it, and it relies on a USB connection for delivery—a practice that has gone by the wayside for most folks in recent years.

If you’re truly worried about it, Palo Alto Networks recommends that you stay away from third-party app stores, websites and other untrusted sources. It also suggests that users avoid pairing their iOS devices with unknown computers, or charging with chargers from unknown/untrusted sources.

[The Wall Street Journal]

  • ThoseCurves

    on the side note : could you guys please update the downloads section with pangu 1.2.1 as i am just jailbreaking and 1.2.0 said to download 1.2.1 from the pangu website in order for the jailbreak to work.

  • Jad Boukai

    It’s like Ebola but for electronics

  • August Ebbesen

    iEbola

  • Smart and fast response. Good move Apple.

  • Straw hat

    “or charging with chargers from unknown/untrusted sources.” wait whaaat? Chargers as an Chargers?

  • 6ty6

    That means that other ones are still to come.

  • Матт Реякіпѕ

    Meanwhile Android still makes up 97% of all mobile malware and Google does very little to stop it.

    • Chris

      It’s not a core issue with Android itself, the issue is the base operating system which exposes all processes, has no sandbox protection and offers very easy root access by installing a custom and pre-rooted Android OS.

      Another problem is Java, enough said.

      • dothack

        So in many words android lol

      • s0me

        If you dont install apps from dubious sources you are good. Anyway you ppl here barely know how to use your macs and comment about security. You are just some basic computer users and no experts. I can hijack web browsing sessions on my ipad while being connected to the same wifi network with a rooted android phone.

      • Chris

        And you have just assumed something which is false. I’ve been a web developer for 6 years and know how to use my MacBook and iDevices very well, I also know a lot about security as that’s part of my job.

        Next time I recommend you don’t go running your mouth if you’re just going to assume who people really are.

      • s0me

        LOL you dont know anything about security, your first statement is proof.

      • Chris

        And yet you continue to run your mouth, good luck with your career insulting people.

      • s0me

        Ignorance is bliss ! 😉

      • Hosam Nasr

        Huh, are you aware of what you are saying ?
        Knowing a trick or two doesn’t make you a security expert , saying so will just make you a brick ..
        Web development focus heavily on Security .. I would assume the guy knows his stuff ..
        Thats a discussion form , people talk and learn here .. Its the damn internet .. Deal with it , genius

      • s0me

        That trick was just an example, I can explain how it works but not going to bother, it will not get me anyware. If you’re a “web developer” it doesnt mean you know much about security. I’m not going to discuss things like that in the comment section of a blog with some biased apple fanboys.

      • Hosam Nasr

        Android is secure , kind of .. But ios security is a standard .. Rooting an android device is a hell lot easier than jailbreaking an ios ..
        You dont need a injection , or codesigning .. Or sandboxing exploits as the code can be installed as a apk .. If you can run your app as root , modify the kernal .. Then you are golden ..
        I am not saying thats it easy .. Just comparing with ios security ..

      • s0me

        Trust me, I know what I’m talking about. I am familiar with rooting and all of that. Android is more vulnerable than ios because it is more common it is like win compared to osx. Most of the ppl have one and it is more efficient for the blackhats to harm them. That doesnt mean it has no security at all, because thats what these fanboys imply. I wish you a nice day !

      • Benjamin J Schwartz

        You’re honestly on idownloadblog bragging that you’re a hacker? I could tell you how pathetic that is, but judging from the attitude you evoke it’s pretty clear you get that pathetic observation rather often. Lame. Grow up kid and learn to be less bitter. You aren’t impressing anyone. You just come off as a tool.

      • s0me

        Where did I brag I was a hacker? Its just you being butthurt, I hurt your feelings when I said I could hijack web sessions of my ipad with an android app (that you could download from the playstore).

  • Dao Sasone

    Another move by apple to gain bac users trust

  • John Smith

    What is Cydia doing to protect its user from this attack?