Chinese authorities arrested three individuals last Friday who are believed to have developed the “WireLurker” malware, according to a police post on Sina Weibo. The authorities were tipped off by Chinese security company Qihoo 360 Technology. The post also says that authorities have identified and shut down the website that was hosting and distributing the malware.
For those unfamiliar with WireLurker, it was publicly identified in early November as Mac malware capable of infecting non-jailbroken iOS devices via a USB connection and collecting private information such as iMessages. In the last 6 months, researchers say it infected over 450 Mac applications in the third-party Chinese Maiyadi App Store, which were downloaded 356,000 times.
Apple released a statement on WireLurker, saying that it had blocked the apps known to be infected with the malware. It has since had its hands full with a new security concern: the Masque Attack vulnerability. While the company says that it isn’t aware of any users who have been affected by Masque, the US government issued a security bulletin regarding it to iOS users last week.
Both WireLurker and Masque Attack can be avoided by restricting app installs to the App Store and other known sources.