clock menu more-arrow no yes

Palo Alto Networks Discovers New Malware Targeted at Apple Devices (Updated)

Most of the users affected are in China.

Reuters / Adrees Latif

Palo Alto Networks has discovered a new family of malware that can infect Apple’s desktop and mobile operating systems, underscoring the increasing sophistication of attacks on iPhones and Mac computers.

The “WireLurker” malware can install third-party applications on regular, non-jailbroken iOS devices and hop from infected Macs onto iPhones through USB connector-cables, said Ryan Olson, intelligence director for the company’s Unit 42 division.

Palo Alto Networks said on Wednesday it had seen indications that the attackers were Chinese. The malware originated from a Chinese third-party apps store and appeared to have mostly affected users within the country.

The malware spread through infected apps uploaded to the apps store, that were in turn downloaded onto Mac computers. According to the company, more than 400 such infected apps had been downloaded over 350,000 times so far.

Apple issued a statement Thursday morning, saying it is aware of the malicious software available from a download site and has taken steps to protect users in China.

“We’ve blocked the identified apps to prevent them from launching,” said a spokesperson. “As always, we recommend that users download and install software from trusted sources.”

It’s unclear what the objective of the attacks was. There is no evidence that the attackers had made off with anything more sensitive than messaging IDs and contacts from users’ address books, Olson added.

But “they could just as easily take your Apple ID or do something else that’s bad news,” he said in an interview.

Apple, which Olson said was notified a couple weeks ago, did not respond to requests for comment on Wednesday.

Once WireLurker gets on an iPhone, it can go on to infect existing apps on the device, somewhat akin to how a traditional virus infects computer software programs. Olson said it was the first time he had seen it in action. “It’s the first time we’ve seen anyone doing it in the wild,” he added.

Updated at 10 a.m. Thursday to include a statement from Apple.

(Reporting By Sai Sachin R in Bangalore; Editing by Saumyadeb Chakrabarty and Cynthia Osterman. Additional reporting by Dawn Chmielewski).

This article originally appeared on Recode.net.