Home » Operating Systems » Apple iOS » Researchers Find iOS App Virus ‘Wirelurker’

Researchers Find iOS App Virus ‘Wirelurker’


Researchers checking the new Mac OS X version, OS X Yosemite, have unfortunately discovered an interesting virus which is alarmingly able to make the jump between computers using OS X onto iOS mobile devices.

The team at Palo Alto Networks responsible for the research have managed to find the virus, a piece of Malware which they have dubbed ‘WireLurker’ during tinkering on the OS which revealed the running rampant throughout the software.

WireLurker is fortunately limited in scope due to its obscure point of entry onto MAcs – a CHinese based third party online app store known as Maiyadi. The Maiyadi App Store has been identified as where the virus first made its way onto the Macs it has now infected, users would download an app from Maiyadi and the virus would tag along for the ride with the download as a Trojan Horse.

SEE ALSO: SIM Free Google Nexus 6 Available in Play Store in the UK Now

The infection method is a classic one – it relies on users to accept and download the infected software themselves as opposed to breaking into their computers via more complex means.

However, once WireLurker makes it onto a Mac using OS X, it displays characteristics never before seen on Apple Mac – a platform long considered safer from viruses as its Windows counterparts.

Wirelurker sits idly on the Mac waiting for a user to plus in an iOS device, hence the name. Once the ‘lurking’ malware detects a ‘wire’ – the USB cable used to connect an iPod or iPhone, it installs unwanted dangerous software on the user’s device.

Cables are the vector through which WireLurker transfers dodgy files.

The programs installed are run of the mill spyware, adware and other malware applications chosen at random – it’s not these applications that make WireLurker so dangerous, it’s the way it works described above. What’s especially troubling however, is that WireLurker sends more dangerous software to jailbroken devices, those whose software has been altered to allow more functionality.

SEE ALSO: Oculus Rift May Not Arrive Until 2016

From what we’ve heard WireLurker most commonly installs a fake comic book app of non-jailbroken phones, a sort of test bed for future infections. Jailbroken phones receive more aggressive software designed to steal credit card information, read iMessage texts, steal addresses from Address Book and other such information theft.

Wirelurker’s code is also very complex – according to Palo Alto.”WireLurker exhibits complex code structure, multiple component versions, file hiding, code obfuscation and customized encryption to thwart anti-reversing”

The complexity of the code may be one thing, but for users the most threatening part of the software is its Trojan Horse status. Palo Alto are encouraging users to not download any apps from third party stores and not to plug devices into untrusted devices using cables.

A WireLurker checking app is available here. Try it yourself and pray you don’t have the bug.

Check for Wirelurker Here: Github

Via: Techspot

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , ,

Post a comment

*

Your email address will not be shared or made public.

*

6 − 1 =