Apple is usually known for its top notch security but a US-based cyber security software developer Palo Alto Networks discovered a new malware targeting Apple products such as iPhone, iPad (iOS) and MAC (OS X).
The name of this malware is WireLurker. It installs malicious third-party apps on iPads and iPhones targeting users in China, but that doesn’t mean the users in The West are safe because according to Palo Alto Networks this malware is the biggest in the scale we have ever seen.
This is how it works:
1 It all starts when a user downloads an app outside Apple’s recommended store.
2 In Wireluker’s case, it is Miyadi app store which is found to be full on apps having this malware.
3 Once the user downloads any apps from the store the malware begins to install malicious apps to the user’s device (Likely to be Mac).
After that, when a user is connected (with iPhone or iPad) the malware uses open source software library mobile device to get interacted to the iOS devices (Affecting this device in the same manner as Mac).
WireLurker has ability to infect even non-jailbroken iOS devices asthrough trojanized and repackaged OS X applications, suggest that it marks a new era in malware across Apple's desktop and mobile platforms, according to the company.
One of the sources states over 356.104 downloads of such malicious applications over last six months. Meaning thousands of Apple users are affected by this malware. Furthermore, since the primary launch the application has been updated 3 times and each time the malware is found to be stronger and dangerous in terms of destruction it can do to one’s device.
Though this is not the first time a malware attack is being carried out over iOS devices. In 2012, an app (Find and Call) was designed to upload personal data from the users on a remote server. Though, this was not its primary function but the app was made to do this. Once this was identified, Apple created an external permission for all the apps to upload user data.
When Apple’s official were asked regarding this malware they were quite calm and said: (We are) aware of malicious software available from a download site aimed at users in China and it has also blocked all such apps from launching. But, still they recommend all the users to only download apps from trust sources.