
'New era' as iOS comes under malware attack

07 Nov 2014

The long-held confidence of iPhone users that they are safe from malware has been dealt a blow, with enterprise security company Palo Alto Networks reporting a new family of Apple iOS and OS X malware.

The enterprise security company says the new malware family, dubbed WireLurker, marks ‘a new era’ in malware across Apple’s desktop and mobile platforms.

WireLurker can infect even non-jailbroken iOS devices through trojanised and repackaged OS X applications and is the first known malware family that can infect installed iOS applications similar to how a traditional virus would.

It jumps from infected Macs onto iPhones through USB connections.

Palo Alto Networks says WireLurker is capable of stealing a variety of information from infected mobile devices, and regularly requests updates from the attackers' command and control server. However, the company notes the malware is under active development and its creators' ultimate goal is not yet clear.

The malware family, which has been targeting iOS and OS X for the past six months, is the first in-the-wild malware family that can install third-party applications on non-jailbroken iOS devices through enterprise provisioning.

Palo Alto Networks says it is also only the second known malware family that attacks iOS devices through OS X via USB and is the first malware family to automate generation of malicious iOS applications through binary file replacement.

A Palo Alto Networks blog says WireLurker was used to trojanise 467 OS X applications on the Chinese third-party app store Maiyadi.

“In the past six months, these 467 infected applications were downloaded over 356,104 times and may have impacted hundreds of thousands of users.”

Ryan Olson, Palo Alto Networks intelligence director, Unit 42, says WireLurker is unlike anything seen before in terms of Apple iOS and OS X malware.

“The techniques in use suggest that bad actors are getting more sophisticated when it comes to exploiting some of the world’s best-known desktop and mobile platforms.”

Palo Alto Networks is recommending a number of actions Apple users can take to mitigate WireLurker and similar threats, including enterprises routing mobile device traffic through threat prevention systems using mobile security applications, and employing an antivirus or security protection product for the Mac OS X system and keeping its signatures up to date.

The company also recommends ensuring ‘Allow apps downloaded from Mac App Store (or Mac App Store and identified developers)’ is set in the OS X System Preferences panel, under Security & Privacy.

Users should also avoid downloading and running Mac applications or games from third-party app stores, download sites or any other untrusted sources, and should keep their iOS version up to date.

Other recommendations from Palo Alto Networks are:

- Do not accept any unknown enterprise provisioning profile unless an authorised, trusted party (e.g. your IT corporate help desk) explicitly instructs you to do so
- Do not pair your iOS device with untrusted or unknown computers or devices
- Avoid powering your iOS device through chargers from untrusted or unknown sources
- Similarly, avoid connecting iOS devices with untrusted or unknown accessories or computers (Mac or PC)
- Do not jailbreak your iOS device. If you do jailbreak it, only use credible Cydia community sources and avoid the use or storage of sensitive personal information on that device
