Today we published a new research paper on WireLurker, a family of malware targeting both Mac OS and iOS systems for the past six months. We believe that this malware family heralds a new era in malware attacking Apple’s desktop and mobile platforms based on the following characteristics:
- Of known malware families distributed through trojanized / repackaged OS X applications, it is the biggest in scale we have ever seen
- It is only the second known malware family that attacks iOS devices through OS X via USB
- It is the first malware to automate generation of malicious iOS applications, through binary file replacement
- It is the first known malware that can infect installed iOS applications similar to a traditional virus
- It is the first in-the-wild malware to install third-party applications on non-jailbroken iOS devices through enterprise provisioning
WireLurker was used to trojanize 467 OS X applications on the Maiyadi App Store, a third-party Mac application store in China. In the past six months, these 467 infected applications were downloaded over 356,104 times and may have impacted hundreds of thousands of users.
How It Works
ISMG’s recent Advanced Persistent Threats Survey, sponsored by Palo Alto Networks, reviews the current advanced threat and APT landscape as well as where traditional security solutions fall short.
Here is what jumps out about APT findings based on ISMG data:
Unit 42, the Palo Alto Networks threat intelligence team, will be appearing on a live webcast and Q&A with Dark Reading tomorrow, Thursday, August 28 at 2:00 p.m. EDT.