800 Million Apple Devices at Risk, No Jailbreak NecessaryNovember 6, 2014 – 5:31 PM
A piece of Apple-focused espionage malware dubbed WireLurker has been uncovered that, unlike most iPhone bugs, can compromise even non-jailbroken iOS smartphones and tablets—potentially putting 800 million devices at risk.
Apple operating systems, once seen as a more secure alternative to Windows and Android, have been faced with increasing numbers of attack vectors of late. WireLurker is a multi-pronged threat: it attacks and infects OS X-based Macs via compromised applications, and from there can infect any iPhone that’s connected via USB to the computer—regardless of jailbreak status.
Researchers at the Palo Alto Networks uncovered the bug, which has affected hundreds of thousands of users in Asia already. The firm found there to be 467 trojanized, malware-laden OS X applications in the unofficial Maiyadi App Store in China, which have been downloaded more than 356,000 times in the past six months.
It may be centered in China for now, but it’s very likely that it will spread to other markets: As infected devices regularly request updates from the attackers’ command and control server, new features or applications could be installed at any time.
“This malware is under active development and its creator’s ultimate goal is not yet clear,” the researchers wrote in a 30-page report. “The ultimate goal of the WireLurker attacks is not completely clear. The functionality and infrastructure allows the attacker to collect significant amounts of information from a large number of Chinese iOS and Mac OS systems, but none of the information points to a specific motive. We believe WireLurker has not yet revealed its full functionality.”