Your IT Consultant

Information Technology Blog
by John W. Simek, Vice President of Sensei Enterprises, Inc.

Didn’t Jailbreak Your iPhone, No Problem – You Can Still Get Infected

November 10, 2014

Apple has always been big on touting the security of the App Store and protecting its products from malicious software. Certainly devices that have been jailbroken are more vulnerable, but there is a new strain of malware that should finally wake up all Apple users. The well-respected Palo Alto Networks has just discovered a new era of OS X and iOS malware that is downright scary. The malware is named WireLurker, and Palo Alto notes the following characteristics:

  • Of known malware families distributed through trojanized/repackaged OS X applications, it is the biggest in scale we have ever seen
  • It is only the second known malware family that attacks iOS devices through OS X via USB
  • It is the first malware to automate generation of malicious iOS applications, through binary file replacement
  • It is the first known malware that can infect installed iOS applications similar to a traditional virus
  • It is the first in-the-wild malware to install third-party applications on non-jailbroken iOS devices through enterprise provisioning

Even though the command and control infrastructure (C&C) for WireLurker has been shut down, Apple needs to fix the design flaw that causes the compromise in the first place. This is just the first of many future attempts to attack the Apple ecosystem.

Still don’t have security software installed on your iOS device? If this latest discovery doesn’t convince you that you need to protect your Apple device like any other computer, good luck fending off this latest attack vector.

Phone: 703.359.0700
Digital Forensics/Information Security/Information Technology
http://www.senseient.com