WireLurker trojan targeted at non-jailbroken iPhones spreads in China

“Researchers at a Silicon Valley security company said on Wednesday that they had found a new manner in which hackers can infect Apple products,” Nicole Perlroth reports for The New York Times. “The company, Palo Alto Networks, reported that it had uncovered a malware campaign called WireLurker targeting Apple mobile and desktop users and said it was ‘the biggest in scale we have ever seen.’”

“Though the malware — malicious software designed to cause damage or steal information — is aimed at users in China and can be avoided, the campaign demonstrates new ways that attackers are targeting Apple iOS mobile devices,” Perlroth reports. “The security company, based in Santa Clara, Calif., said that WireLurker had infected more than 400 applications designed for Apple’s Mac OS X operating system through the Maiyadi App Store, a third-party Mac application store in China. In the last six months, Palo Alto Networks said 467 infected applications were downloaded over 356,104 times and ‘may have impacted hundreds of thousands of users.’”

“The company said users’ iOS devices could also become infected if they connected their mobile device to their Macs through a USB wire. ‘WireLurker monitors any iOS device connected via USB with an infected OS X computer and installs downloaded third-party applications or automatically generated malicious applications onto the device, regardless of whether it is jailbroken,’ Palo Alto Networks security researchers said. ‘This is the reason we call it “wire lurker,”’” Perlroth reports. “The firm’s advice to Mac and iOS users is to avoid downloading Mac applications or games from any third-party app store, download site or untrusted source, or connecting an iOS device to any untrusted accessories or computers. They also advise users to keep iOS software up to date.”

Read more in the full article here.

Palo Alto Networks recommends that users take the following actions to mitigate the threat from WireLurker and similar threats:

• Enterprises should assure their mobile device traffic is routed through a threat prevention system using a mobile security application like GlobalProtect
• Employ an antivirus or security protection product for the Mac OS X system and keep its signatures up-to-date
• In the OS X System Preferences panel under “Security & Privacy,” ensure “Allow apps downloaded from Mac App Store (or Mac App Store and identified developers)” is set
• Do not download and run Mac applications or games from any third-party app store, download site or other untrusted source
• Keep the iOS version on your device up-to-date
• Do not accept any unknown enterprise provisioning profile unless an authorized, trusted party (e.g. your IT corporate help desk) explicitly instructs you to do so
• Do not pair your iOS device with untrusted or unknown computers or devices
• Avoid powering your iOS device through chargers from untrusted or unknown sources
• Similarly, avoid connecting iOS devices with untrusted or unknown accessories or computers (Mac or PC)
• Do not jailbreak your iOS device; if you do jailbreak it, only use credible Cydia community sources and avoid the use or storage of sensitive personal information on that device

MacDailyNews Take: Those who venture outside the Apple ecosystem do so at their own risk.

Here’s our usual oft-repeated reminder for Mac users and anyone who’s trying to use any other platform: Do not download and authorize the installation of applications (Trojans) from untrusted sources. No OS can protect users from themselves (or we wouldn’t be able to install any software). Those who grant attackers access to their Macs should not be surprised to find their Macs are compromised.

Related articles:
There’s practically no iOS malware, thanks to Apple’s smart control over app distribution – June 13, 2014
F-Secure: Android accounted for 99% of new mobile malware in Q1 2014 – April 30, 2014
Google’s Sundar Pichai: Android not designed to be safe; if I wrote malware, I’d target Android, too – February 27, 2014
Cisco: Android the target of 99 percent of world’s mobile malware – January 17, 2014
U.S. DHS, FBI warn of malware threats to Android mobile devices – August 27, 2013
Android app malware rates skyrocket 40 percent in last quarter – August 7, 2013
First malware found in wild that exploits Android app signing flaw – July 25, 2013
Mobile Threats Report: Android accounts for 92% of all mobile malware – June 26, 2013
Latest self-replicating Android Trojan looks and acts just like Windows malware – June 7, 2013
99.9% of new mobile malware targets Android phones – May 30, 2013

12 Comments

  1. The difference between malware for iOS and malware for android; Apple will find out if this is a flaw and fix it accordingly, updates will be issued worldwide to all iOS users.

    Google will see if it affects their ad tracking and patch for the next android version due out in 2015/16. Even if it’s patched sooner, Nexus is likely the only device to receive it.

  2. I believe this is the same USB malware that was reported months ago. It gets on your phone through malware embedded in the USB device which can get there through a computer.

    Am I wrong on this?

  3. The software that Apple has been providing of late, XCODE and OSX Mavericks and Yosemite, is riddled with amateurish bugs and glitches. Releases are not ready, patches are not correcting, software is getting worse. Tim Cook may be an operations genius, but it takes a creative genius, with ATTENTION to detail to really make things “Apple class”. Unfortunately for those of us who appreciate Apple and its NeXT roots, Objective-C, and all of the underpinnings, the GLAM that is being propagated (iOS 7x+ and OSX 10.9x+) may look good (and that is a stretch), but the looks are superficial and what is underneath needs to be improved. It is far past time for a company with Apple’s cash hoard to slow the FSCK down and fix the issues that they have.
    More testing.
    More correcting.
    Less crappy glam.

    Let ye not rot Apple, for thine taste is sweet, and can be savored still.

    1. As a long-time Mac user since the days of the LC II (anyone remember that?) I have to reluctantly agree with some of the points the OP made.

      Lately, Lion and Mountain Lion (I haven’t yet dared to install Yosemite) have made me go “what the-?” as far as some decisions Apple made with respect to the OS X GUI and even some underlying core processes. (No more “Save As”? Really?).

      This is in contrast to OS X versions since Panther that have more often than not delighted me the more I learn about their functionality (and yes, version x.1 of the OS… Never install version x.0 of any OS from Apple).

      iOS is the product (?) that helped Apple bust out of its niche market as a maker of PCs. (iPod helped bring the Apple name to the forefront for consumer electronics). I enjoy using my iPhones and my iPad Mini Retina and can’t imagine being without them. I’m also grateful Apple decided that iOS needed its own GUI and not be a shrunken down clone of desktop OS X.

      But for desktop OS X? Some of the decisions Apple has made here have made me scratch my head and wonder. I’m sure a lot of underlying code in the latest OS versions is good and needed and I’m all for that. My ideal OS X version would be the code base for Yosemite (once the bugs have been ironed out) with the GUI functionality of Mountain Lion. (Not the looks, but the functionality).

      But that’s a pipe dream… It’ll never happen and for better or worse the Apple of today has a plan for OS X and they’re moving forward with it. But a guy can dream, can’t he?

      1. The “Save As…” experiment was done in concert with Apple’s applications saving versions to which you could revert. It made theoretical sense, especially since the “Duplicate” dialog essentially replaced “Save As…”.

        However, using “Duplicate” added unnecessary steps, and the reality was that the process simply did not mesh with how people worked. For decades people have used “Save As…” and had trained themselves in this manner. So Apple quickly brought back “Save As…”. So apparently your applications/OS is really out of date.

        1. Yeah, I heard Apple brought back “Save As” in Mountain Lion so I quickly updated when it was available… To no avail. Which version of Mountain Lion has “Save As”?

          I use older apps and they thankfully still allow me to “save as” so it’s really only Apple’s own apps that are a PITA… especially Preview.

          BTW, you are so right in “Duplicate” adding in extra steps and it was just a mess sometimes, especially when you want to just change a paragraph or two in a report from the month of October to November. I still curse every time I forget to Duplicate first before editing (my normal method is edit first then “Save As”).

  4. Again, this problem resulted from people downloading apps from a third party app store. This is why iOS devices are prohibited from loading apps from anywhere but Apple’s App Store, and why the Mac App Store is being pushed to take over all software downloads as well.

    It’s also why Android will continue to be a haven for hackers and malware pushers.

  5. MacDailyNews Take: Those who venture outside the Apple ecosystem do so at their own risk.

    This is an asinine take. Mac + OS X is a platform, not an appliance.

    As MDN has affirmed again and again, Apple’s App Store policies are arbitrary, uneven and opaque; its licensing model is confusing and incomplete; and it DOES NOT IN FACT have a spotless record of preventing malware distribution (E.g., Bing the Jekyll incident of August 2013).

    We like OS X, we like Mac, and we even like the App Store as a marketing and sales platform for small developers. But to suggest that one should be trepidatious about using software sold or distributed outside Apple’s store makes MDN guilty of the FUD it so often decries.

    Take it back. We should be preaching protect yourself and be vigilant when dealing with ANY software you didn’t write yourself, whether it was distributed to you by Apple or not.
