Apple has blocked applications that have been identified as being infected by the newly discovered WireLurker malware, which primarily targets iPhone users in China. The new malware was discovered by Palo Alto Networks, a Santa Clara, California-based security firm, which published a research paper on the hacking tool on Wednesday.
According to Palo Alto Networks, the WireLurker malware makes its way onto a device through downloads available from a Chinese app store for Mac computers. After the user connects an iPhone or iPad to the infected Mac, it automatically installs potentially malicious third-party apps on the device, regardless of whether or not it is jailbroken. However, Apple said that it is aware of WireLurker and has taken action.
“We are aware of malicious software available from a download site aimed at users in China, and we’ve blocked the identified apps to prevent them from launching,” the company told the Wall Street Journal in a statement on Thursday.
Researchers from the security firm found that the malware had affected 467 apps on the Maiyadi App Store for Mac computers and had been downloaded more than 356,000 times. The malware's characteristics make it the first known malicious software to infect an iPhone like a computer virus, the Journal reported.
“WireLurker is capable of stealing a variety of information from the mobile devices it infects and regularly requests updates from the attackers command and control server,” Palo Alto Networks said, in a statement. “This malware is under active development and its creator’s ultimate goal is not yet clear.”
The security firm has provided a set of recommendations to mitigate the threat from WireLurker. According to the company, users should use an updated antivirus or security protection product for Mac OS X, and stay away from third-party app stores. Users are also advised to use an updated version of the iOS operating system.