WireLurker is the name of the latest malware detected by Palo Alto Networks, a Silicon Valley-based security firm. Its behavior is as unusual as its name. The malware was first detected in a Chinese third-party OS X app store, where it had infected 467 apps.
However, what sets the malware apart is not its presence in the app store. The distinctive part of this particular malware strain is that it can transfer itself from a desktop computer running OS X to iOS devices over a USB connection.
WireLurker achieves this through a quirk in the Apple software system. In most cases, jailbroken devices are the ones most susceptible to malware like this, but in this instance it makes no difference whether the device is jailbroken or not.
WireLurker takes advantage of a feature within iOS that allows businesses to circumvent the standard approval process that the App Store requires before an installation occurs. In other words, instead of asking for confirmation or permission to install a given app on a mobile device, the malware works around that step and will install itself on any device that is connected via USB.
Apple released a statement in response: “We are aware of the malicious software available from a download site aimed at users in China, and we’ve blocked the identified apps to prevent them from launching. As always, we recommend that users download and install software from trusted sources.”
For now, it’s unclear what the people behind these infections are after with this particular malware strain. However, devices infected by WireLurker are at risk of having user data stolen and sent back to the originating servers in China. For now, that is where the threat remains, but the researchers were quick to point out that it could easily impact a greater number of systems and devices and could easily become global.