A new variety of malware is targeting users with Macs, iPhones and iPads, according to new research.
Dubbed WireLurker, the malware was discovered by researchers working for Palo Alto Networks, who discovered it targets both OS X and iOS devices.
The malware has been found in 467 OS X applications on the Maiyadi App Store, a third-party Mac application store in China, and the infected applications have been downloaded more than 356,104 times. As a result, they may have impacted hundreds of thousands of users.
WireLurker monitors any iOS device connected via USB with an infected OS X computer and installs downloaded third-party applications or automatically generated malicious applications onto the device, regardless of whether it is jailbroken or not.
"This is the reason we call it WireLurker," said Palo Alto Networks researcher Claud Xiao.
While similar methods to attack non-jailbroken devices have been demonstrated in the past, this malware combines a number of techniques to present a threat to all iOS devices.
The malware exhibits a complex code structure, multiple component versions, file hiding, code obfuscation and customised encryption to thwart anti-reversing, according to Xiao.
He said the malware is capable of stealing information such as Apple IDs and contacts. It also regularly requests updates from the attacker's command and control server. "This malware is under active development and its creator's ultimate goal is not yet clear," said Xiao.
"WireLurker is unlike anything we've ever seen in terms of Apple iOS and OS X malware," said Ryan Olson, intelligence director at Palo Alto Networks' threat intelligence team Unit 42.
"The techniques in use suggest that bad actors are getting more sophisticated when it comes to exploiting some of the world's best-known desktop and mobile platforms."
The security outfit recommends users do not download Mac apps from third-party stores, jailbreak iOS devices or connect iOS devices to untrusted computers and accessories in order to evade the malware threat.
-
RSAC Conference 2025: The front line of cyber innovationITPro Podcast Ransomware, quantum computing, and an unsurprising focus on AI were highlights of this year's event
-
Anthropic CEO Dario Amodei thinks we're burying our heads in the sand on AI job lossesNews With AI set to hit entry-level jobs especially, some industry execs say clear warning signs are being ignored
-
Apple iPad Pro 12.9in (2021) review: A giant leap for Apple siliconReviews Paired with a 120Hz display with incredible colour accuracy, the iPad Pro is more deserving of its name than ever
-
Apple iPad (2021) review: The best entry-level iPadReviews Although pointing more to the past than the future, this iPad succeeds where it matters
-
Apple iPad Pro 12.9in (Apple M1, 2021) review: Falls just short of greatnessReviews More of a laptop alternative than ever with a stupendous display but iOS still has flaws
-
Apple discontinues the iMac ProNews Desktop product shake-up paves the way for new Apple Silicon-powered machines
-
M1 Mac mini users suffering Bluetooth connectivity problemsNews It’s unknown if the issue is in the new Apple silicon or the Big Sur OS
-
Microsoft Office for iPad gets mouse and trackpad supportNews The iOS app update also brings a new start screen and a ribbon of feature menus
-
The 8th-generation iPad debuts with the A12 Bionic chipNews Apple claims it's latest entry-level iPad is three times faster than the top Android tablet
-
Apple iPad Pro 12.9in (2020) review: Believe the hypeReviews The most expensive and most ambitious iPad yet
