Apple’s good reputation around security has mainly been due to lack of marketshare and lack of high-value targets but a new piece of malware may alter that perception. The new malware infects both OS X and iOS and has already potentially compromised hundreds of thousands of devices.
Dubbed Wirelurker, this new piece of malware was discovered by researchers after it infected hundreds of Mac OS X applications on the Maiyadi Store, a third party Mac application store in China.
Through the app store downloads it would spread to iMacs and Macbooks where it would wait for a USB connection to an iPhone. Once available the malware would spread itself onto the phone, where it would either inject a test app, or replace certain money transfer apps depending on whether the iPhone was jailbroken or not. And it does all of this by using Apple’s enterprise app deployment system, designed to allow mass deployment of software without going through the App Store.
The researchers estimate that the infected applications were downloaded over 350,000 times with potentially hundreds of thousands of iPhones being affected.
Of course you should be at least safer if not completely safe as long as you stick to official App Stores but this event does highlight a new attack vector, one that may be used a lot in the near future if it proves successful.
Source: Palo Alto Networks