A team of security researchers has discovered a new malware campaign called WireLurker that targets Apple’s desktop and mobile devices. Currently aimed at Chinese users, the team says it’s “the biggest in scale we have ever seen.”
Palo Alto Network explains that the malware has so far infected 467 applications designed for Apple’s Mac OS X operating system. It’s done that via a third-party Chinese Mac application store called the Maiyadi App Store. Over the last six months, those applications have been downloaded over 356,104 times — possibly infecting the Macs of hundreds of thousands of users.
But the malware also appears to infect iOS devices when they’re plugged into a Mac via USB.”WireLurker monitors any iOS device connected via USB with an infected OS X computer and installs downloaded third-party applications or automatically generated malicious applications onto the device, regardless of whether it is jailbroken,” explains Palo Alto Networks. “This is the reason we call it ‘wire lurker.’”
It seems that WireLurker sits on a Mac, constantly listening for USB connections, then immediately infects iOS devices when they’re plugged in. The malware appears to give access to all user data on the phone, from the address book to iMessage. But, interestingly, the malware so far hasn’t been used to exploit anyone’s device, says Palo Alto Networks. Rather, those behind it “are still preparing for an eventual attack.”
It’s worth remembering that this malware is very much China-focused right now, so there’s not too much need to worry about being infected just yet. Apple is currently patching the vulnerability, though it’s not clear when the fix will be ready. [Palo Alto Network via NYT]