Editor
According to the researchers WireLurker runs on OS X system and is capable of installing a downloaded app or generate one itself on to the iOS device connected through USB. It doesn’t matter whether the device is jailbroken or not. Since the technique used is enterprise provisioning, the generated application appears as if it is built – in. Sometimes a confirmation dialog box pops up and the other times the app behaves just like normal un – infected apps. However, the purpose of the malware is still unclear. Apart from doing all this, it also checks back quite often for updates from the server. Palo Alto Networks recommend not to use 3rd – party app stores, don’t pair devices with unknown systems, always keep your OS updated and also unless explicitly instructed by the application, don’t accept any provisioning profile.
Installing a mobile security app is always a good idea. on the other side Apple’s new payment gateway – Apple Pay doesn’t add privacy even though it provides a secure and easy way to make payments. Coming to privacy, what you bought is not visible to Apple and your card number is not visible to the merchant. As per the Apple’s guide, the transaction takes place between you, the bank and the merchant. However, Apple and your bank would still know the time, value and location of the transaction. Merchant would know the goods that were purchased for that amount. This means your transaction can be identified. However this would happen only if someone does the data matching through data brokers like Experian, Acxion, Datalogix and so on. Most of the apps on our phones are data – logging. The devices don’t store your card number. Instead, a device account number or DAN is used. Therefore some other device cannot make a transaction using this DAN which ups its security levels.
Gollapalli Nithin Kumar
Editorial Staff
