The “WireLurker” malware can install third-party
applications on regular, non-jailbroken iOS
devices and hop from infected Macs onto iPhones
through USB connector-cables, said Ryan Olson,
intelligence director for the company’s Unit 42
division.
Palo Alto Networks said on Wednesday it had seen
indications that the attackers were Chinese. The
malware originated from a Chinese third-party
apps store and appeared to have mostly affected
users within the country.
The malware spread through infected apps
uploaded to the apps store, that were in turn
downloaded onto Mac computers. According to
the company, more than 400 such infected apps
had been downloaded over 350,000 times so far.
It’s unclear what the objective of the attacks was.
There is no evidence that the attackers had made
off with anything more sensitive than messaging
IDs and contacts from users’ address books, Olson
added.
But “they could just as easily take your Apple ID
or do something else that’s bad news,” he said in
an interview.
Apple, which Olson said was notified a couple
weeks ago, did not respond to requests for
comment on Wednesday.
Once WireLurker gets on an iPhone, it can go on
to infect existing apps on the device, somewhat
akin to how a traditional virus infects computer
software programs. Olson said it was the first time
he had seen it in action. “It’s the first time we’ve
seen anyone doing it in the wild,” he added-
Reuters
No comments:
Post a Comment