US cybersecurity company Palo Alto Networks has discovered a new family of Apple OS X and iOS malware, which it states exhibits “previously unseen characteristics in documented threats targeting Apple platforms”.
Dubbed “WireLurker”, Palo Alto Networks stated it marks a “new era in malware across Apple’s desktop and mobile platforms”, representing a potential threat to businesses, governments and Apple customers worldwide.
“WireLurker monitors any iOS device connected via USB with an infected OS X computer and installs downloaded third-party applications or automatically generated malicious applications onto the device, regardless of whether it is jailbroken,” Palo Alto Networks stated of the malware’s modus operandi.
“This is the reason we call it ‘wire lurker’.”
WireLurker was used to trojanise 467 OS X applications on a third-party Mac application store in China, Palo Alto Networks stated, with the infected applications downloaded over 356,104 times in the past six months, potentially impacting hundreds of thousands of users.
The malware is capable of stealing a variety of information from the mobile devices it infects and regularly requests updates from the attacker’s command and control server, Palo Alto Networks further stated, adding that it is under active development, with its creator’s ultimate goal not yet clear.
“WireLurker is unlike anything we’ve ever seen in terms of Apple iOS and OS X malware,” commented Ryan Olson, Palo Alto Networks Unit 42 intelligence director.
“The techniques in use suggest that bad actors are getting more sophisticated when it comes to exploiting some of the world’s best-known desktop and mobile platforms.”