We answer all questions you might have about the recently discovered malware that specialises in infecting iOS devices.
What is WireLurker?
It is a Chinese-developed malware that infects computers and transfers itself through USB to devices. As we all know, not all apps from the official App Store are free, and so there are consumers who, from time to time, turn towards a Chinese app store that specialises in free apps and games.
How does it work?
‘WireLurker’ is almost like a BOGOF package on iOS apps that are downloaded from the ‘Maiyadi’ app store.
Which apps are known to have the malware in them already?
“The Sims 3,” “International Snooker 2012” and “Pro Evolution Soccer 2014,” downloaded off Maiyadi, are known to have a version of the malware, according to Palo Alto Networks’ research paper. More worryingly, these apps have been downloaded more than 350,000 times in the past six months and the malware could have radiated out hundreds of thousands of times from the infected devices already.
How can I accidentally get it on my iOS device?
There have been three iterations of WireLurker. The third is the most sophisticated: it targets both jailbroken and regular devices and uses a digital certificate issued by Apple to run in-house apps that are otherwise not available on the App Store. This certificate has the same level of clearance that a large corporate organisation’s in-house app would have on devices it gives out to its employees for work. Previous versions would usually get downloaded from the Maiyadi App Store and then transfer themselves onto other iOS devices when they were connected using USB.
I am worried: how can I safeguard my iPhone, iPad and MacBook?
Every new virus, worm or piece of malware is a threat to your devices because they all want what you hold most dear: your personal details. It is important to be cautious in your approach to buying apps.
It is better to spend 69p on an app from Apple’s App Store that is ring-fenced to prevent such malicious attacks than to download a free app and then get your information wiped/stolen.
Even though the ultimate objective of the creators of WireLurker isn't clear yet, Palo Alto Networks’ Ryan Olson said: "WireLurker is unlike anything we've ever seen in terms of Apple iOS and OS X malware, the techniques in use suggest that bad actors are getting more sophisticated when it comes to exploiting some of the world's best-known desktop and mobile platforms."
So, be worried…but be cautious!