Apple announced it had blocked the first malware able to infect its mobile devices and apps that have not been jailbroken. The malicious software, dubbed Wirelurker, was found by security researchers a few days ago to be distributed alongside pirated copies of Chinese Mac applications. Once on a Mac, it waited for iPhones and iPads to be connected to the computer over a USB cable in order to infect them.
The tech giant admitted it knew about malware available from a download website aimed at users in China, and said it has blocked the identified applications to prevent them from launching. Apple didn’t explain how it blocked the threat, but the company emphasized that everyone would have been safe from the very beginning if they had downloaded and installed software from trusted sources.
The infected applications originated from the Maiyadi App Store, a third-party application store based in China. The store is filled with pirated and illegal copies of major applications like Dropbox, SpiderOak and Autodesk.
The malware in question abused capabilities in Apple’s OS that are designed to enable companies to install their own apps on employees’ phones and tablets. That allowed Wirelurker not only to scrape information from the infected iOS devices, but also to install third-party apps on those devices and infect apps that were already installed. According to security experts, it is the first in-the-wild malicious software family that was able to do this, and only the second ever to attack iOS devices via OS X.
In the meantime, another Apple flaw disclosed last week, Rootpipe, is still not fixed. The security expert who discovered it refused to explain how the flaw, which allows hackers to gain root privileges without a password, can be abused. He claimed he was waiting for the company to issue a patch first.