Offline News  
#1 Posted : Wednesday, November 5, 2014 11:58:01 PM(UTC)
News


When people think about Internet security, they still think of the various bugs, flaws, and malware that pervade the online world as a Windows problem. Macs have long enjoyed special status thanks to limited market share, while smartphones aren't generally considered to be an attack vector, no matter which OS you prefer. That's clearly changing -- a new report from Palo Alto Networks illustrates how a new Trojan they call WireLurker doesn't just infect iOS devices -- it relies on Mac OS X vulnerabilities to do so.

WireLurker contains a bevy of firsts and achievements. It's the largest malware to rely on repackaged OS X applications, the first to automate the generation of malicious iOS applications, the first that can infect iOS applications in a manner similar to a virus, and the first that can install third-party applications on non-jailbroken devices. Once it manages to infect an OS X system, WireLurker hides in the background, looking for an iOS device to attach to the computer. Upon detection, it installs third-party software to the phone or tablet regardless of whether the device is jailbroken or not.


The infection appears to have begun in the Maiyadi App Store, where its top targets have been downloaded thousands of times. The application has been updated multiple times since it first appeared and it's devilishly sneaky, with multiple methods of monitoring USB connections to sneak its payload aboard devices. Users are notified that a new application has requested install permissions, but the application itself runs and acts normally. Install an infected game, in other words, and your game still works.

Right now, WireLurker is capable of exporting your serial number, phone number, model number, device type, your Apple ID, UDID, WiFi address, and disk usage information. According to the research team, WireLurker doesn't necessarily break new ground as far as its methods, but it's rare to see a product that targets non-jailbroken devices. Currently, no major virus scanners or websites properly identify WireLurker infection, though the Palo Alto team has written a script that can do so, located here.

Attacks like this are only going to become more common. Smartphones are the wave of the future and the expected method by which billions of people will get online over the next few decades. Malware and digital theft were never going to be far behind. 


All images credit: Palo Alto Networks

Palo Alto's security measures are fairly practical. Users should not allow third-party devices to create enterprise profiles, enterprises themselves should route their mobile traffic through threat prevention systems, everyone should keep their antivirus software updated, and people should stop thinking of device security as something only Windows users have to worry about. That last bit is us, not them, but take the point to heart. Nobody on any operating system is going to be able to rely on security through obscurity going forward. Except maybe Blackberry.
Offline starwhite  
#2 Posted : Thursday, November 6, 2014 12:14:27 AM(UTC)
starwhite



This exploit first requires that someone hack a Mac OS X machine, then when an iOS device connects via USB and is either already trusted or the user allows the iOS device to trust the Mac (which requires unlocking), then the WireLurker can infect the iOS device. It appears that most of the infections actually happen on jailbroken iOS devices that side load apps from sources that are not trustworthy. Further, the primary method of distribution of WireLurker appears to be a 3rd party Mac OS X app store in China.

Offline BrandonElliotGondron  
#3 Posted : Thursday, November 6, 2014 2:08:36 PM(UTC)
BrandonElliotGondron



lol and they said macs can't get viruses well this proves the bullshit

Offline JacobMattos  
#4 Posted : Friday, November 7, 2014 7:54:17 AM(UTC)
JacobMattos



lol
