Cyber security software maker Palo Alto Networks Inc said on Wednesday that they had found a new method in which hackers can infect Apple products. The new family of malware, dubbed WireLurker can infect both iOS and OS X devices.
A report from Palo Alto Networks claims the WireLurker malware can install third-party applications on potentially secure, non-jailbroken iOS devices using infected software for Macs and hop from affected Macs onto iPhones through USB connector-cables.
The main purpose of this malicious software is to steal personal information and damage Apple’s products. It can collect significant information such as iMessages and contacts from all of Apple’s devices. Once WireLurker enters an iPhone, it can go on to infect existing apps on the device, something similar to how a traditional virus attacks computer software programs. Though this sort of attack has been around since about 2003, the threat is new to Apple, according to Palo Alto Networks.
The California based Palo Alto Networks said it had seen indications that the attackers were Chinese. The malware infected the products through the Maiyadi App Store, a third-party Mac store in China. So far, WireLurker targeted approximately 467 applications of Apple’s Mac OS X operating system. Infected versions of these programs have been downloaded more than 356,104 times and are likely to have affected hundreds of thousands of users within the country.
Accordingly, Palo Alto director of threat intelligence Ryan Olson describes that “WireLurker is unlike anything we’ve ever seen in terms of Apple iOS and OS X malware. The techniques in use suggest that bad actors are getting more sophisticated when it comes to exploiting some of the world’s best-known desktop and mobile platforms.”He continues “[Apple is] still preparing for an eventual attack. Even though this is the first time this is happening, it demonstrates to a lot of attackers that this is a method that can be used to crack through the hard shell that Apple has built around its iOS devices.”
Palo Alto has recommended several options for preventing infection from WireLurker malware. Mac and iOS users are advised to avoid downloading Mac applications or games from any third-party app store, download site or untrusted source, or connecting an iOS device to any untrusted accessories or computers. Among other precautions, Palo Alto Networks advises users to run the latest versions of iOS and use antivirus.