A new era of pain, apparently
By Darren Pauli, 6 Nov 2014
The largest-scale attack of its kind on Apple Macs, phones and tablets – and believed the first to maliciously target non-jailbroken iPhones – has been detected. And it's hit thousands and thousands of devices in the wild.
WireLurker infects OS X computers, and lies in wait for USB connections to Apple iPads and iPhones. It then installs malicious software on the iOS devices – software signed with a legit cryptographic certificate, so it's trusted by the gadget.
Victims have been told to warn friends who have plugged their devices into their diseased boxes – WireLurker gets into the Macs if the user runs dodgy programs from an unofficial app store.
Palo Alto Networks Networks researcher Claud Xiao reckons WireLurker "heralds a new era" in Apple malware and was a "new brand of threat."
"WireLurker was used to trojanise (infect) 467 OS X applications on the Maiyadi App Store, a third-party Mac application store in China," Xiao said.
"In the past six months, these 467 infected applications were downloaded over 356,104 times and may have impacted hundreds of thousands of users."