Palo Alto Networks announced the discovery of new malware, "WireLurker", that attacks Apple's OS X and iOS platforms. In a technical alert bulletin, the company said WireLurker marks a new era in malware across Apple's desktop and mobile platforms.
Among its defining characteristics, WireLurker represents:
- The first known malware family that can infect installed iOS applications similar to how a traditional virus would
- The first in-the-wild malware family that can install third-party applications on non-jailbroken iOS devices through enterprise provisioning
- Only the second known malware family that attacks iOS devices through OS X via USB
- The first malware family to automate generation of malicious iOS applications through binary file replacement
Palo Alto Networks has released signatures to detect all WireLurker Command & Control communication traffic.
"WireLurker is unlike anything we've ever seen in terms of Apple iOS and OS X malware. The techniques in use suggest that bad actors are getting more sophisticated when it comes to exploiting some of the world's best-known desktop and mobile platforms. As such we have provided full protection to Palo Alto Networks customers and published a detailed report so others can assess the risk and take appropriate measures to protect themselves," stated Ryan Olson, Intelligence Director, Unit 42, Palo Alto Networks.
https://www.paloaltonetworks.com/company/press/2014/palo-alto-networks-reveals-discovery-of-unprecedented-ios-and-os-x-malware.html