Malicious Software Campaign Targets Apple Users in China 


Researchers at a Silicon Valley security company said on Wednesday that they had found a new manner in which hackers can infect Apple products.

The company, Palo Alto Networks, reported that it had uncovered a malware campaign called WireLurker targeting Apple mobile and desktop users and said it was “the biggest in scale we have ever seen.”

Though the malware — malicious software designed to cause damage or steal information — is aimed at users in China and can be avoided, the campaign demonstrates new ways that attackers are targeting Apple iOS mobile devices.

The security company, based in Santa Clara, Calif., said that WireLurker had infected more than 400 applications designed for Apple’s Mac OS X operating system through the Maiyadi App Store, a third-party Mac application store in China.

The company said users’ iOS devices could also become infected if they connected their mobile device to their Macs through a USB wire.

Typically, iOS users can download applications from third parties only if they have “jailbroken” their phones, or altered them to run software Apple has not authorized. With WireLurker, an infected application can reach a non-jailbroken phone from an infected Mac OS X system, which is why Palo Alto Networks researchers say WireLurker represents a “new brand of threat to all iOS devices.”

“They are still preparing for an eventual attack,” said Ryan Olson, the director of threat intelligence at Palo Alto Networks. “Even though this is the first time this is happening, it demonstrates to a lot of attackers that this is a method that can be used to crack through the hard shell that Apple has built around its iOS devices.”

The firm’s advice to Mac and iOS users is to avoid downloading Mac applications or games from any third-party app store, download site or untrusted source, or connecting an iOS device to any untrusted accessories or computers. They also advise users to keep iOS software up to date.

To date, there is no evidence that the vulnerability has actually been exploited and here, too, it would be difficult for the average Mac user to stumble upon. For hackers to gain control of a Mac, the victim would need to ignore every OS X pop-up security warning.

Apple is currently patching the Rootpipe vulnerability, but it is not clear when the patch will be completed.

Source: NYT – Malicious Software Campaign Targets Apple Users in China
