WireLurker, a virus that cracked into Apple’s highly secure operating system, has been shut down, according to Palo Alto Networks, the cyber security firm that discovered the virus.
WireLurker installed malicious applications on Mac computers and then infected iPhones and iPads once they were connected directly with a USB cable. Palo Alto Networks said “hundreds of thousands” of Chinese Apple users may have been impacted when they downloaded apps from the third-party app store Maiyadi.
Ryan Olson directs Unit 42, the group within the company that identified WireLurker. The company called the malware campaign the biggest in scale it has ever seen, and it appears the virus's creator is based in China, where the malware was primarily targeted. “We think it was Chinese individuals attacking other Chinese individuals. We don’t think it was espionage,” Olson said. “We think it was people who were going out with criminal intent to eventually steal money or data.”
He went on to say the goal behind the malware's creation wasn't clear.
A researcher collaborating with Palo Alto Networks tracked down the malware's developer, who communicated in Mandarin on an instant message client and took credit for creating WireLurker. The program infected 467 applications that were downloaded more than 356,000 times.
On Thursday, Apple told FOX Business it blocked the infected applications.
“We are aware of malicious software available from a download site aimed at users in China, and we’ve blocked the identified apps to prevent them from launching. As always, we recommend that users download and install software from trusted sources,” a spokesperson said in a statement.
Although WireLurker has gone dark for now, its impact will reverberate throughout the hacking world. Palo Alto Networks expects to see other hackers pick up the tactics WireLurker used and take advantage of them in future cyber attacks.
Despite the hundreds of thousands impacted in China, Apple seems to have avoided a major crisis and emerged with its sterling reputation for impenetrable security very much intact. “Apple is still in a really good position… They have a walled garden and generally people don’t get infected unless they remove the protections. This was a crack and Apple was able to seal it pretty quickly,” Olson said.
He added that this instance is not the end of Apple's security record, though people should take note and realize that cracks in the impenetrable security system occasionally show. “Nothing is really immune to attack,” he said.
Protecting Against Holiday-Season Attacks
With the holiday shopping season in full swing, consumers should expect to see more attacks targeted squarely at e-commerce.
“With any seasonal changes, we see attacks on consumers that make use of the season at hand… It’s a cyclical trend you see every single year. They’ll re-emerge and kick up at the end of this year,” Olson predicted.
One popular holiday tactic: sending malware in the form of fake holiday e-cards or package delivery notifications.
In the aftermath of Target's (NYSE:TGT) and Home Depot’s (NYSE:HD) massive data breaches, Palo Alto Networks has seen an increase in major corporations investing in building threat intelligence teams inside their companies. It can be a faster, more effective way to monitor ongoing threats.