New Apple Malware: #WireLurker. Infects OS X systems, then jumps to iOS via USB cable.
New Apple Malware: #WireLurker. Infects OS X systems, then jumps to iOS via USB cable. Abuses trusted pairing and enterprise provisioning.— Mikko Hypponen (@mikko) November 6, 2014
WireLurker was found by the colleagues at Palo Alto Networks: https://t.co/0FxvLOo3jm Good summary by @JZdziarski: http://t.co/UfloPlo89V
— Mikko Hypponen (@mikko) November 6, 2014
Prevention from Palo Alto Networks PDF Link in Mikko’s tweet above:
Prevention
The following are our recommendations to enterprises and users regarding
prevention or mitigation of WireLurker or similar OS X or iOS malware threats:
• Enterprises should assure their mobile device traffic is routed through a threat
prevention system using a mobile security application like GlobalProtect™
• Employ an antivirus or security protection product for the Mac OS X system
and keep its signatures up-to-date
• In the OS X System Preferences panel under “Security & Privacy”, ensure
“Allow apps downloaded from Mac App Store (or Mac App Store and identified
developers)” is set
• Do not download and run Mac applications or games from any third-party app
store, download site or other untrusted source
• Keep the iOS version on your device up-to-date
• Do not accept any unknown enterprise provisioning profile unless an
authorized, trusted party (e.g. your IT corporate help desk) explicitly instructs
you to do soPALO ALTO NETWORKS + WireLurker —Apple OS X and iOS malware 2 8
• Do not pair your iOS device with untrusted or unknown computers or devices
• Avoid powering your iOS device through chargers from untrusted or unknown
sources.
• Similarly, avoid connecting iOS devices with untrusted or unknown
accessories or computers (Mac or PC)
• Do not jailbreak your iOS device; If you do jailbreak it, only use credible
Cydia community sources and avoid the use or storage of sensitive personal
information on that device.
Update:
Apple Blocks affected apps from running:
pcworld.com