Palo Alto Networks has discovered a new family of malware that can infect Apple desktop and mobile operating systems.
For a while now, Jobs’ Mob has made much of the fact it is “super secure” even while its gear is turned over in seconds at hacker conferences. But now the hardware is becoming more popular it is clear that hackers are starting to write code that can disable anything that Apple comes up with.
The “WireLurker” malware can install third-party applications on regular, non-jailbroken iOS devices and hop from infected Macs onto iPhones through USB connector-cables.
Ryan Olson, intelligence director for the company’s Unit 42 division said that had seen indications that the attackers were Chinese. The malware originated from a Chinese third-party apps store and appeared to have mostly affected users within the country.
The malware spread through infected apps uploaded to the apps store that were in turn downloaded onto Mac computers. This is bad news for Apple which always claims that its store is closely vetted in comparison to the Google operation.
According to the company, more than 400 such infected apps had been downloaded over 350,000 times so far.
So far, there is no evidence that the attackers had made off with anything more sensitive than messaging IDs and contacts from users’ address books. But then again what sort of information would an Apple user have? There cannot be many Chinese spooks who want a Coldplay or U2 collection. As far as companies are concerned,
Apple was told about the bug two weeks ago and has not done anything. Once WireLurker gets on an iPhone, it can go on to infect existing apps on the device, somewhat akin to how a traditional virus infects computer software programs. Olson said it was the first time he had seen it in action. “It’s the first time we’ve seen anyone doing it in the wild,” he added.