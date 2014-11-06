(Adds comments, details on the malware)
By Sai Sachin R
Nov 5 Palo Alto Networks Inc has
discovered a new family of malware that can infect Apple Inc's
desktop and mobile operating systems, underscoring the
increasing sophistication of attacks on iPhones and Mac
computers.
The "WireLurker" malware can install third-party
applications on regular, non-jailbroken iOS devices and hop from
infected Macs onto iPhones through USB connector-cables, said
Ryan Olson, intelligence director for the company's Unit 42
division.
Palo Alto Networks said on Wednesday it had seen indications
that the attackers were Chinese. The malware originated from a
Chinese third-party apps store and appeared to have mostly
affected users within the country.
The malware spread through infected apps uploaded to the
apps store, that were in turn downloaded onto Mac computers.
According to the company, more than 400 such infected apps had
been downloaded over 350,000 times so far.
It's unclear what the objective of the attacks was. There is
no evidence that the attackers had made off with anything more
sensitive than messaging IDs and contacts from users' address
books, Olson added.
But "they could just as easily take your Apple ID or do
something else that's bad news," he said in an interview.
Apple, which Olson said was notified a couple weeks ago, did
not respond to requests for comment on Wednesday.
Once WireLurker gets on an iPhone, it can go on to infect
existing apps on the device, somewhat akin to how a traditional
virus infects computer software programs. Olson said it was the
first time he had seen it in action. "It's the first time we've
seen anyone doing it in the wild," he added.
