Skip to main content

Chinese Mac and iOS users targeted by new ‘WireLurker’ malware capable of infecting non-jailbroken devices

Update: Apple confirmed the security issue in a statement provided to iMore. Apple has also revoked the certificate to prevent the apps from being installed on new devices.

The New York Times reports that a security firm called Palo Alto Networks has uncovered a new form of Apple-focused malware that is capable of infecting non-jailbroken iOS devices. Typically when such software pops up, as it does from time to time, one of the key factors that allows the malicious code to run on iOS is whether the device is jailbroken. The new “WireLurker” malware, however, is installed on the mobile device over USB by an infected Mac.

These infected Mac apps are reportedly coming from the Maiyadi App Store, a third-party software storefront operated in China. Palo Alto Networks says over 400 apps in the store are affected, and have been downloaded over 356,000 times total, potentially resulting in hundreds of thousands of infected devices.

What exactly can WireLurker do once it’s on your iOS device? A better question might be “what can’t it do?” Palo Alto Networks says that the software can access and steal a user’s address book, read their iMessages, and download updates to itself in the background, allowing it to be upgraded with new capabilities without the user ever having to do anything.

Even though the malware seems to be coming mostly from Chinese sources, the company says the best way for all users to avoid getting infected by these types of software is to only download Mac applications from trusted sources like the Mac App Store. Palo Alto Networks also said that it has reported this issue to Apple.

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

  1. coolfactor - 9 years ago

    Ugh, I don’t even want to start…

  2. Edison Wrzosek - 9 years ago

    Now let’s see Xprotect in action and see if it can weed out this crap…

    And on a sadder note, remember this day in history, the hackers have now noticed Mac and iOS in China, and have begun their assault, bastards!

  3. Has anyone called bullish on this yet? I’ll do it. Bullshit.

  4. The original story is so flu of misinformation it’s difficult to read for anyone that knows anything about how iOS works.

  5. markbyrn (@markbyrn) - 9 years ago

    Hyperbolic FUD as expected. From what I read on their site, one would have to accept an unknown provisioning profile to get infected. Obviously if you’re ignorant enough to do that, enjoy the consequences.

  6. greggthurman - 9 years ago

    The malware gets onto your Mac on Appl\s purchased from a third party site. You cannot get this malware if you buy all your apps through the iTunes Store.

    Say what you want about Apple’s “closed” system, I’ll gladly stay within its confines for the protection that Apple vetting provides.

  7. aeronperyton - 9 years ago

    The media wants there to be a real virus for the OS X platform so badly…

    • skategeezer - 9 years ago

      Every year in Vancover CA at the pwned to own security conference Mac OS X is found to be just like all the other operating systems. Mac is no more and no less secure then any other operating system. They ALL have holes in them.

  8. scumbolt2014 - 9 years ago

    So the number of at risk iPhones and total number of Andriod phones in consumer hands is equal now.

    • BlueLightAlarm - 9 years ago

      I wouldn’t say that at all – there are always dodgy apps being offered/downloaded on the Google Play store and directly infecting who knows how many Android devices. This “threat” (if you actually believe it to be true) ONLY infects people who download apps from Maiyadi on a Mac and then infects their iPhone if/when it is plugged in via USB – There’s a lot more things that have to happen for an iPhone to get infected

  9. China has all this tech thanks to the USA and EU.

    • Nycko Heimberg - 9 years ago

      No, more….
      Without China, no iPhone, no iPad, no Galaxy X, almost nothing…!
      Chinese have the WORLD in their feet unfortunately.

      • thatsdb - 9 years ago

        Come on, if we would pay North American workers a premium, or Bots we could build them at home.