
Chinese sites hosting 'Wirelurker' Mac-to-iOS malware taken down, suspects arrested

A Beijing government agency on Monday announced the arrest of three suspects thought to be behind the so-called "WireLurker" trojan targeting Mac and iOS devices, saying websites hosting the malware have been shut down.

In a post to Chinese microblogging site Sina Weibo, the Beijing Municipal Public Security Bureau said it identified and subsequently closed down "WireLurker" operations last Friday. Three suspects were taken into custody on charges of conspiring to use the malware for illegal profit. The news was first spotted by ZDNet.

Detailed in a paper from security research firm Palo Alto Networks earlier this month, WireLurker is a specialized piece of malware that inserts itself onto a Mac running OS X, then jumps to iOS devices over USB. Unlike past attacks, WireLurker is capable of affecting non-jailbroken hardware. The program has reportedly been in the wild for the past six months in China.

Taking advantage of an app provisioning vulnerability, WireLurker lies dormant on a user's computer in an infected OS X app. The malware monitors for new iOS devices and installs malicious apps downloaded from an off-site server or generated autonomously on-device. From there, the program can access user information like contacts, read iMessages and perform other functions determined by the command-and-control server.

As noted by AppleInsider, WireLurker is only a threat to users who disable Apple's default security measures, as the enterprise provisioning certificates used in the attack were blocked by Apple shortly after discovery.

As Apple's global smartphone market share continues to rise, so does the number of attempts to surreptitiously harvest data from unsuspecting consumers. A week after WireLurker popped up on the radar, another piece of malware dubbed "Masque Attack" was discovered. Masque Attack also takes advantage of Apple's app provisioning system to install nefarious software on iOS devices, but is unique in that it replicates existing apps to trick users into handing over sensitive information.



14 Comments

rob53 13 Years · 3315 comments

China still has a long ways to go regarding human rights but it appears they are finally cracking down on some illegal behavior and that's a good sign. Time we give them a second chance to prove themselves.

jbdragon 10 Years · 2312 comments

Quote:
Originally Posted by rob53

China still has a long ways to go regarding human rights but it appears they are finally cracking down on some illegal behavior and that's a good sign. Time we give them a second chance to prove themselves.

Well they can't have their own people doing it for profit and to screw people over for the fun of it, that's for the Government to do.  So go to jail or Work for US!!!

thewhitefalcon 10 Years · 4444 comments

Quote:
Originally Posted by JBDragon

Well they can't have their own people doing it for profit and to screw people over for the fun of it, that's for the Government to do.  So go to jail or Work for US!!!

Yeah, I can't help but wonder if the government there plans to use this for their own purposes.

solipsismy 10 Years · 5099 comments

Quote:
Originally Posted by rob53

China still has a long ways to go regarding human rights but it appears they are finally cracking down on some illegal behavior and that's a good sign. Time we give them a second chance to prove themselves.

So is every other country, especially the US, but, yes, they are farther behind than many others.

MacPro 18 Years · 19845 comments

Wow, Apple certainly has some 'clout' in China, to use an English expression.