WireLurker is “the first known malware that can infect installed iOS applications similar to a traditional virus.” Photo: Jim Merithew/Cult of Mac
(Updated with Apple statement below.)
A new class of malware targeted at OS X and iOS is spreading like wildfire in China, according to new research by Palo Alto Networks. Dubbed WireLurker, the trojan hides itself in apps distributed through a third-party Chinese app store for OS X and side-loads itself onto iOS devices via USB.
What sets WireLurker apart from other malware is that it is capable of infecting non-jailbroken iOS devices, and it heralds “a new era in malware attacking Apple’s desktop and mobile platforms.”
But don’t worry about China peeking at your Snapchats. There has yet to be a widespread instance of iOS malware in the wild, and this particularly “advanced” trojan still requires a tremendous amount of complicit behavior on the victim’s part.
In what appears to be a strange slip on Apple’s part, Securelist is reporting that a Trojan Horse made its way into the iOS App Store this morning. The app, known as “Find and Call”, was available on both the iOS App Store and Google Play, and received a flood of bad reviews before being pulled from both stores.
Apple is working with Kaspersky to identify vulnerabilities in Mac OS X.
If you still think your Mac is immune to malware and malicious infections then it’s time to stop kidding yourself. The recent Flashback trojan has proven that these a real issue for Apple’s desktop operating system, and as long as Mac OS X continues to grow, so will its infections.
But Apple is now working to prevent them. It issued a fix for the Flashback infection after it became apparent just how huge it was, and the Cupertino company is now teaming up with security specialists Kaspersky to identify other vulnerabilities.
The Flashback infection could have generated more in 7 days than most will earn in a year.
The Flashback malware which was found to be infecting over 650,000 Macs at its peak was earning its creators up to $10,000 a day, according to security specialists Symantec. The OSX.Flashback.K trojan, which is believed to be the largest Mac infection to date, is designed to steal page views and advertising revenue from Google.
The Flashback saga has yet to reach its end, as a recent report debunks earlier claims that the number of infected Macs had fallen from 600,000 to 140,000 over a matter of a few days. Apple released a security tool to combat Flashback last week, and Norton Symantec reported that the number of infected machines had fallen to 140,000 shortly after. That number has been proven to be inaccurate.
In an interesting turn of events, the original Flashback whistleblower, Russian security firm Dr. Web, has revealed that around 650,000 Macs are still infected with the notorious trojan. Not only are there many Macs connected to the botnet that were previously unaccounted for, but more OS X computers are added every day.
Think Apple's software is free from vulnerabilities? You couldn't be more wrong.
Apple’s operating systems and its software are generally believed to be the best available in terms of security and stability, but a new report from Trend Micro reveals that’s a huge misconception… at least in recent months. In fact, the Cupertino company suffered more vulnerabilities during the last quarter than rivals like Oracle, Google, Adobe, and even Microsoft.
Just another reason why you should avoid installing Microsoft software on your Mac.
With the Flashback trojan now threatened by extinction thanks to Apple’s new removal tool, it’s time to turn our attention to another threat. A vulnerability in Microsoft Office is allowing the “Backdoor.OSX.SabPub.a” trojan to infect systems running Mac OS X and use a Java exploit to avoid detection from anti-malware products
Once on your system, the trojan can feed back screenshots of your system and execute commands.