
Malware WireLurker Attacks Zeroing on China Users

Last week, Apple devices became the target of malware dubbed WireLurker, which infected as many as 356,000 users, all based in China, where the malware code was kept hidden in 467 OS X applications on the unofficial Maiyadi App Store.


WireLurker attacks by first infecting Mac OS X machines, which are your basic Mac desktops and MacBooks. It then spreads to other Apple devices, from iPads to iPhones, by installing rogue apps as soon as they're connected through USB. What makes this different from previous iOS malware strains is the fact that the device need not be jailbroken.

Given that it was packaged inside apps that seemed legitimate (Angry Birds, Sims 3 and Pro Evolution Soccer 2014), it isn't the least bit surprising that so many users downloaded the WireLurker malware. What makes the whole scenario intriguing, however, is that WireLurker seems more concerned with identifying device owners than with the usual data-stealing scheme.

According to iOS security expert Jonathan Zdziarski, the malware has the identities of software pirates from China as its target. On jailbroken phones, it also seeks to obtain more information, including SMS messages.

With this development, one wonders whether WireLurker could be a law-enforcement tool. If so, it clearly shows that China is not the least bit fazed by Apple's efforts to protect the security and privacy of its users. The prior month, China was accused of attempting to intercept the passwords of iCloud users, an accusation that it denied.

WireLurker succeeded in getting malicious apps onto iOS devices through abuse of “enterprise provisioning.” This enables apps that don't belong in Apple's official stores to be downloaded so long as they're signed by an enterprise certificate, which Apple could also revoke.
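As an added example (not from the original article or from Zdziarski's analysis), the Python below shows how a defender could classify the provisioning profile bundled with an iOS app and flag enterprise-provisioned apps from unapproved teams. It assumes Apple's profile keys `ProvisionsAllDevices`, `ProvisionedDevices` and `get-task-allow`; the team ID, names and sample bytes are constructed, and the CMS signature around the plist is not verified.

```python
import plistlib

def extract_profile_plist(blob: bytes) -> dict:
    """Return the XML plist embedded in a .mobileprovision blob.
    The surrounding CMS signature is NOT verified in this sketch."""
    start = blob.find(b"<?xml")
    if start < 0:
        raise ValueError("no embedded plist found")
    end = blob.find(b"</plist>", start)
    if end < 0:
        raise ValueError("embedded plist is truncated")
    return plistlib.loads(blob[start:end + len(b"</plist>")])

def classify_profile(profile: dict) -> str:
    """Distinguish enterprise (in-house) profiles from other kinds."""
    if profile.get("ProvisionsAllDevices") is True:
        return "enterprise"      # installable on any device, outside the App Store
    if "ProvisionedDevices" in profile:
        ent = profile.get("Entitlements", {})
        return "development" if ent.get("get-task-allow") else "ad-hoc"
    return "app-store"

def audit(blob: bytes, allowed_teams: set) -> dict:
    """Flag enterprise profiles whose team ID is not on the allowlist."""
    profile = extract_profile_plist(blob)
    kind = classify_profile(profile)
    teams = set(profile.get("TeamIdentifier", []))
    return {
        "name": profile.get("Name"),
        "team": profile.get("TeamName"),
        "kind": kind,
        "flagged": kind == "enterprise" and not (teams & set(allowed_teams)),
    }

# Constructed sample: fake DER-like bytes around a plist, standing in for
# an embedded.mobileprovision file. All values are made up.
SAMPLE = b"\x30\x82\x1f\x00" + plistlib.dumps({
    "Name": "Example In-House Profile",
    "TeamName": "Example Corp (constructed)",
    "TeamIdentifier": ["ABCDE12345"],
    "ProvisionsAllDevices": True,
    "Entitlements": {"get-task-allow": False},
}) + b"\xa0\x82\x00\x00"

if __name__ == "__main__":
    print(audit(SAMPLE, allowed_teams={"ABCDE12345"}))  # own team: not flagged
    print(audit(SAMPLE, allowed_teams=set()))           # unknown team: flagged
```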

For his part, Zdziarski has said that he doesn't believe the government backed such attacks. He considered WireLurker rather primitive; however, it has exposed security loopholes in Apple's pairing mechanism between personal computers and mobile devices. He pointed out that although WireLurker may be amateur, a sophisticated attacker such as GCHQ or the NSA can easily come up with a more dangerous and effective malware attack.

 
