iPhone & iPad users under attack from malware

A new variety of malware is targeting users with Macs, iPhones and iPads, according to new research.

Dubbed WireLurker, the malware was discovered by researchers working for Palo Alto Networks, who discovered it targets both OS X and iOS devices.

The malware has been found in 467 OS X applications on the Maiyadi App Store, a third-party Mac application store in China, and the infected applications have been downloaded more than 356,104 times. As a result, they may have impacted hundreds of thousands of users.

WireLurker monitors any iOS device connected via USB with an infected OS X computer and installs downloaded third-party applications or automatically generated malicious applications onto the device, regardless of whether it is jailbroken or not.

"This is the reason we call it WireLurker," said Palo Alto Networks researcher Claud Xiao.

While similar methods to attack non-jailbroken devices have been demonstrated in the past, this malware combines a number of techniques to present a threat to all iOS devices.

The malware exhibits a complex code structure, multiple component versions, file hiding, code obfuscation and customised encryption to thwart anti-reversing, according to Xiao.

He said the malware is capable of stealing information such as Apple IDs and contacts. It also regularly requests updates from the attacker's command and control server. "This malware is under active development and its creator's ultimate goal is not yet clear," said Xiao.

"WireLurker is unlike anything we've ever seen in terms of Apple iOS and OS X malware," said Ryan Olson, intelligence director at Palo Alto Networks' threat intelligence team Unit 42.

"The techniques in use suggest that bad actors are getting more sophisticated when it comes to exploiting some of the world's best-known desktop and mobile platforms."

The security outfit recommends users do not download Mac apps from third-party stores, jailbreak iOS devices or connect iOS devices to untrusted computers and accessories in order to evade the malware threat.

Rene Millman

Rene Millman is a freelance writer and broadcaster who covers cybersecurity, AI, IoT, and the cloud. He also works as a contributing analyst at GigaOm and has previously worked as an analyst for Gartner covering the infrastructure market. He has made numerous television appearances to give his views and expertise on technology trends and companies that affect and shape our lives. You can follow Rene Millman on Twitter.