
'New era' as iOS comes under malware attack

07 Nov 2014

The long-held confidence of iPhone users that they are safe from malware has been dealt a blow, with enterprise security company Palo Alto Networks reporting a new family of Apple iOS and OS X malware.

The enterprise security company says the new malware family, dubbed WireLurker, marks ‘a new era’ in malware across Apple’s desktop and mobile platforms.

WireLurker can infect even non-jailbroken iOS devices through trojanised and repackaged OS X applications and is the first known malware family that can infect installed iOS applications similar to how a traditional virus would.

It jumps from infected Macs onto iPhones through USB connections.

Palo Alto Networks says WireLurker is capable of stealing a variety of information from infected mobile devices, and regularly requests updates from the attackers' command and control server. However, the company notes the malware is under active development and its creators' ultimate goal is not yet clear.

The malware family, which has been targeting iOS and OS X for the past six months, is the first in-the-wild malware family that can install third-party applications on non-jailbroken iOS devices through enterprise provisioning.

Palo Alto Networks says it is also only the second known malware family that attacks iOS devices through OS X via USB and is the first malware family to automate generation of malicious iOS applications through binary file replacement.

A Palo Alto Networks blog says WireLurker was used to trojanise 467 OS X applications on the Chinese third-party app store Maiyadi.

“In the past six months, these 467 infected applications were downloaded over 356,104 times and may have impacted hundreds of thousands of users.”

Ryan Olson, Palo Alto Networks intelligence director, Unit 42, says WireLurker is unlike anything seen before in terms of Apple iOS and OS X malware.

“The techniques in use suggest that bad actors are getting more sophisticated when it comes to exploiting some of the world’s best-known desktop and mobile platforms.”

Palo Alto Networks is recommending a number of actions Apple users can take to mitigate the threat from WireLurker and similar malware. These include enterprises routing mobile device traffic through threat prevention systems using mobile security applications, and employing an antivirus or security protection product for the Mac OS X system and keeping its signatures up to date.

The company also recommends ensuring ‘Allow apps downloaded from Mac App Store (or Mac App store and identified developers)’ is set in the OS X System Preferences panel, under Security & Privacy.

Users should also avoid downloading and running Mac applications or games from third-party app stores, download sites or any other untrusted sources, and should keep their iOS version up to date.

Other recommendations from Palo Alto Networks are:

- Do not accept any unknown enterprise provisioning profile unless an authorised, trusted party (e.g. your IT corporate help desk) explicitly instructs you to do so
- Do not pair your iOS device with untrusted or unknown computers or devices
- Avoid powering your iOS device through chargers from untrusted or unknown sources
- Similarly, avoid connecting iOS devices with untrusted or unknown accessories or computers (Mac or PC)
- Do not jailbreak your iOS device. If you do jailbreak it, only use credible Cydia community sources and avoid the use or storage of sensitive personal information on that device
