Apple’s iPhone iOS has been considered to be one of the most secure mobile operating systems around. If you performed a jailbreak to unlock your iPhone, then you opened up the door to possible malware because of the 3rd party app stores. Now, there’s a new form of malware that is infecting iPhones and iPads. It is currently floating around China and infecting their devices because of a 3rd party app store available in Mac OSX.
The attack comes through access to a Trojan Mac application from the unauthorized Maiyadi App Store in China (which can be accessed from anywhere). The malware is installed when a user downloads an infected app from the Maiyadi App Store onto a Mac and connects his iPhone or iPad to that computer via USB. WireLurker uses a popular open-source software library called libimobiledevice to interact with an iOS device through a USB connection, using an iTunes protocol to initiate communication.
Once WireLurker makes it onto an iPhone or iPad, it can hide, create and download fake apps, steal personal data stored on those devices and communicate with hackers’ servers.
While WireLurker will primarily impact jailbroken devices, Palo Alto Networks’ report notes that it can spread on non-jailbroken ones through enterprise provisioning.
Apple may already have a fix in place. They’ve reported that they are “aware of malicious software available from a download site aimed at users in China” and has “blocked the identified apps to prevent them from launching.” The company also recommends that users download and install software from trusted sources.
Original Report: Palo Alto Networks