wirelurker

Last week, it was reported that Mac and iOS users in China were the target of new malware called WireLurker that resulted in Apple confirming the security issue and blocking the affected malware apps. Just days later, mobile security research firm FireEye reports it has uncovered a major iOS security flaw that it claims poses a much bigger threat to Apple users than WireLurker.
Expand
Expanding
Close

Update: Apple confirmed the security issue in a statement provided to iMore. Apple has also revoked the certificate to prevent the apps from being installed on new devices.

The New York Times reports that a security firm called Palo Alto Networks has uncovered a new form of Apple-focused malware that is capable of infecting non-jailbroken iOS devices. Typically when such software pops up, as it does from time to time, one of the key factors that allows the malicious code to run on iOS is whether the device is jailbroken. The new “WireLurker” malware, however, is installed on the mobile device over USB by an infected Mac.

These infected Mac apps are reportedly coming from the Maiyadi App Store, a third-party software storefront operated in China. Palo Alto Networks says over 400 apps in the store are affected, and have been downloaded over 356,000 times total, potentially resulting in hundreds of thousands of infected devices.

Expand
Expanding
Close