Newly discovered malware poses serious threat to Apple users

Palo Alto Networks has discovered a new family of Apple OS X and iOS malware exhibiting characteristics unseen in any previously documented threats targeting Apple platforms. This new family, dubbed WireLurker, marks a new era in malware across Apple’s desktop and mobile platforms, representing a potential threat to businesses, governments and Apple customers worldwide.

“WireLurker is unlike anything we’ve ever seen in terms of Apple iOS and OS X malware. The techniques in use suggest that bad actors are getting more sophisticated when it comes to exploiting some of the world’s best-known desktop and mobile platforms,” said Ryan Olson, Intelligence Director, Unit 42, Palo Alto Networks.

WireLurker is the first known malware family that can infect installed iOS applications similar to how a traditional virus would. The malware can install third-party applications on non-jailbroken iOS devices through enterprise provisioning.

WireLurker, discovered by the company’s Unit 42 division, attacks iOS devices through OS X via USB and also automates generation of malicious iOS applications through binary file replacement.

The malware spread through infected apps uploaded to the apps store, that were in turn downloaded onto Mac computers. According to the company, more than 400 such infected apps had been downloaded over 350,000 times so far.

Palo Alto Networks said it had seen indications that the attackers were Chinese. The malware originated from a Chinese third-party apps store and appeared to have mostly affected users within the country.