gusture default image

Apple iPhones, iPads getting infected with OS X malware

Apple iPhones, iPads getting infected with OS X malware. A new sophisticated malware has been discovered by the researchers at Palo Alto networks. They say this malware – named WireLurker is capable of infecting applications installed on iPhones and iPads. The malware is spreading through enterprise provisioning and can generate a complete malicious app automatically. This malware is transmitted to apple devices via USB connections from the systems running OS X. Researchers are saying that thismalware marks the generation of new kinds of malwares that are more sophisticated, powerful and therefore more harmful. This malware is first of kinds as it is the only one that can generate an infectious app on its own. It uses binary file replacement for this purpose. A more detailed report can be found here: WireLurker: A New Era in OS X and iOS Malware. The malware was first found in an app in Maiyadi App Store which is a  3rd – party app store. According to the statistics around 467 applications that were downloaded in the last 6 months were infected with this malware. Estimated number of downloads is 356,104 and by now 100s of 1000s of users’ phones might have been infected.

iPhones, iPads getting infected with OS X malware

According to the researchers WireLurker runs on OS X system and is capable of installing a downloaded app or generate one itself on to the iOS device connected through USB. It doesn’t matter whether the device is jailbroken or not. Since the technique used is enterprise provisioning, the generated application appears as if it is built – in. Sometimes a confirmation dialog box pops up and the other times the app behaves just like normal un – infected apps. However, the purpose of the malware is still unclear. Apart from doing all this, it also checks back quite often for updates from the server. Palo Alto Networks recommend not to use 3rd – party app stores, don’t pair devices with unknown systems, always keep your OS updated and also unless explicitly instructed by the application, don’t accept any provisioning profile.

Installing a mobile security app is always a good idea. on the other side Apple’s new payment gateway – Apple Pay doesn’t add privacy even though it provides a secure and easy way to make payments. Coming to privacy, what you bought is not visible to Apple and your card number is not visible to the merchant. As per the Apple’s guide, the transaction takes place between you, the bank and the merchant. However, Apple and your bank would still know the time, value and location of the transaction. Merchant would know the goods that were purchased for that amount. This means your transaction can be identified. However this would happen only if someone does the data matching through data brokers like Experian, Acxion, Datalogix and so on. Most of the apps on our phones are data – logging. The devices don’t store your card number. Instead, a device account number or DAN is used. Therefore some other device cannot make a transaction using this DAN which ups its security levels.

Subscribe

Enter your email address to receive regular news alerts from Block Quest.

Follow us

Keep up with our latest and worth consumable news and analysis.