9 November 2014

SCARY NEW FORM OF MALWARE TARGETS IPHONES/IPADS

November 6, 2014

Cyber security researchers have discovered a ‘scary,’ new form of malware, dubbed ‘WireLuker,’ which collects call logs, phone-book contacts, and other sensitive information from Apple iPhones and iPads.

Mike Campbell, writing on the November 5, 2014 online edition of AppleInsider, notes that cyber security researchers at California-based Palo Alto Networks, called the newly discovered malware, dubbed WireLurker, “the biggest in scale we’ve ever seen.” Mr. Campbell writes that “WireLurker has been active in China for the past six months, first infecting Macs by inserting Trojan software through repackaged OS X apps, then moving on to iOS devices via a USB.” Palo Alto Network researchers say “the malware is the first to automate generation of malicious iOS apps by implementing a binary file replacement attack.”

Martyn Williams, writing in the November 6, 2014 online edition of TechWorld, writes that the malware begins its dirty work, once an individual — unwittingly — downloads infected software from the Web…into a desktop, or laptop computer.

“They are still preparing for an eventual attack,” said Ryan Olson, Palo Alto Director of Threat Intelligence. “Even though this is the first time this is happening, it demonstrates to a lot of attackers that this is a method that can be used to crack through the hard shell that Apple has built around its iOS devices.”

“Unlike other viruses,” Mr. Campbell writes, “which usually target jail-broken [devices that have had some of their security applications removed or disabled so certain apps can run on them] iOS devices, WireLurker can jump from a Mac onto an iPhone — running a vanilla version of Apple’s operating system…by leveraging Apple’s enterprise provisioning assets.”

“As described by Palo Alto Networks, WireLurker monitors a Mac for new iOS devices, through infected programs, then installs over USB malicious applications — either downloaded from a remote server, or generated autonomously on-device. Once installed, the malware can access sensitive data like user contacts, read iMessages, and ping a remote server for command-and-control operations, among other nefarious functions,” Mr. Campbell noted. “So far,” he writes, “467 iOS apps have been infected and distributed through China’s third-party Maiyadi App Store, with downloads totaling over 356,104 possibly impacting “hundreds of thousands” of users.” It is unclear what information the malware’s creator is after, but the code is being continuously updated; and, is therefore deemed active,” Mr. Campbell concluded.

And, the cyber crime game of cat-and-mouse continues. V/R, RCP

Share this:

No comments: