Apple’s iOS has historically been the safest mobile operating system in terms of malware threats, but 800 million devices could now be at risk from a new breed of malware known as WireLurker.
Identified by Palo Alto Networks Inc., WireLurker is “capable of stealing a variety of information from the mobile devices it infects and regularly requests updates from the attackers command and control server,” according to the company’s thirty-page report. “This malware is under active development and its creator’s ultimate goal is not yet clear.”
There have been several reports recently of mobile malware with the potential to steal sensitive information such as banking data or Social Security Numbers, including Android Fake ID and user interface state interference attacks.
While the hackers behind WireLurker are only known to have stolen users’ messaging IDs and address book contacts, the potential exists to steal “your Apple ID or something else that’s bad news,” according to Ryan Olson, Palo Alto Networks intelligence director. Olson also notes that “WireLurker is unlike anything we’ve ever seen in terms of Apple iOS and OS X Malware.”
The malware is installed when users plug their iOS devices into their Mac computers running OS X. WireLurker is the only active malware threat to devices running the standard iOS (i.e., non-jailbroken devices).
WireLurker was used to trojanize 467 OS X applications on the Chinese third-party Maiyadi App Store. After being trojanized – infected with malware that allows hackers remote access to a user’s computer – these applications were downloaded over 356,104 times.
WireLurker is the first known malware that is able to automatically generate malicious iOS applications, and the first that can infect iOS applications already installed on the device like a traditional virus. Palo Alto believes this to be the beginning of “a new era in malware across Apple’s desktop and mobile platforms.”
As threats to mobile users continue to evolve and grow, proactive brand monitoring becomes more important than ever. IP Lasso provides consultations for brand owners concerned that trojanized apps may be impacting their customers.