WireLurker Malware Targets Chinese iOS And iPhone Users Through Third Party Apps

A new malware is making its rounds the mobile sphere targeting Chinese Apple iPhone and iOS users. The software, dubbed WireLurker, was discovered by Santa Clara, California-based security firm Palo Alto Networks and was detailed in a research paper published Wednesday.

“Of known malware families distributed through trojanized/repackaged OS X applications, it is the biggest in scale we have ever seen,” Palo Alto Networks said.

WireLurker is said to target primarily Chinese iOS users and is designed to steal data, though it is mostly avoidable. But it’s a reminder that hackers and authors of viruses have increasingly looked to target Apple’s mobile platform.

The malware reportedly made its way onto an iPhone or iOS device through an infected computer and then installed third-party apps onto an iOS device regardless of whether or not it had been jailbroken, a process which removes software limitations set by Apple. Instead, it took advantage of Apple’s enterprise features, which allows companies to install custom apps on iOS devices without submitting them through the App Store. GBA4iOS, a video game console emulator, famously used such an exploit to allow iOS users to install the app without being approved in the App Store. Once it infects a Mac desktop, WireLurker is said to look for iOS devices connected through USB and spreads the infection using those methods.

The WireLurker malware is said to have infected at least 467 OS X apps on the Maiyadi App Store, a third-party app store in China, according to the firm. And those applications were downloaded at least 356,000 times.

To avoid WireLurker, Palo Alto Networks advises users to run the latest versions of iOS, use antivirus and avoid downloading Mac apps from any untrusted sources, among other precautions.

Swedish security researchers disclosed the existence of another security flaw in Apple's latest desktop operating system OS X Yosemite called Rootpipe, which can allow hackers to gain full access to a computer running the OS.

"We are aware of malicious software available from a download site aimed at users in China, and we’ve blocked the identified apps to prevent them from launching," an Apple spokeperson said. "As always, we recommend that users download and install software from trusted sources."