According to researchers at Palo Alto Networks, a new and ugly malware family, ‘WireLurker’, is lurking for millions of Apple iPhone users.
The researchers at Palo Alto Networks said that they have come across an impressive malware attack against all Apple devices in China. The malware can even penetrate non-jailbroken Apple iPhones. However, it is currently limited to customers of a Chinese application store.
This new family of malware is called ‘WireLurker.’ The characteristics of WireLurker are unique and very different from the other threats that were targeting Apple platforms, according to researchers at Palo Alto Networks.
They also said that it is the first known malware family that has the ability to infect installed iOS applications. In addition, they said that it is only the second known malware family that can infect iOS devices through OS X, the operating system that powers Apple's Mac computers.
When you connect your iOS device to an infected OS X computer via USB, WireLurker will download a third-party application onto your device. It doesn’t matter whether your device is jailbroken or not, hence the term “Wire Lurker” used in the 30-page report generated by the network security company.
The malware regularly requests updates from the attacker’s control server, and it gradually infects the other apps on the device, including iOS inbuilt apps. The malware has the ability to steal information from your mobile phone, according to Palo Alto Networks.
According to a report issued by Palo Alto Networks, the malware is currently under development and the ultimate objective of its creator is unknown. Palo Alto also said that a developer at Tencent Holdings Ltd was the first one to make note of the threat.
After that, various threads started popping up on Apple forums, in which users complained about a strange application being automatically installed on their systems along with the creation of enterprise provisioning profiles.
According to the company, the basic motive of WireLurker is to get unauthorized access to personal information and also to get remote access to the user's computer. “WireLurker is capable of stealing a variety of information from the mobile devices it infects and regularly requests updates from the attackers command and control server,” said Palo Alto Networks in its report. “This malware is under active development and its creator’s ultimate goal is not yet clear.”
There were only two viruses that had been successfully installed onto non-jailbroken iOS devices. The first one was noted in September 2010, and the second one was in July 2012. Both of these pieces of malware were immediately removed from the App Store by Apple Inc. However, WireLurker is the only known malware which is still active on the App Store. Almost 800 million iOS devices are at risk because of this virus, according to Palo Alto.
The intelligence director of the company, Ryan Olson, said that WireLurker is something new for them and they haven’t seen anything like this before. It is completely new in terms of Apple iOS and OS X malware. He also said that the techniques used in this malware are very sophisticated. During an interview, Olson told Reuters that the hacker hasn’t done anything serious so far, but if this isn’t stopped, bad things might happen.
“WireLurker is unlike anything we’ve ever seen in terms of Apple iOS and OS X malware,” said Ryan Olson, intelligence director for the company’s Unit 42 division. “The techniques in use suggest that bad actors are getting more sophisticated when it comes to exploiting some of the world’s best-known desktop and mobile platforms.”
“There is no evidence that the attackers had made off with anything more sensitive than messaging IDs and contacts from users’ address books,” Olson added. But “they could just as easily take your Apple ID or do something else that’s bad news,” Olson told Reuters in an interview.