Apple announced on Thursday that it is putting measures into place to block apps containing the “WireLurker” malware. The malware transmits itself from an infected Mac to iOS devices via a USB cable, thereby infecting the iOS device. Apple is preventing the infected applications from launching.
“We are aware of malicious software available from a download site aimed at users in China, and we’ve blocked the identified apps to prevent them from launching,” Apple said in a written statement shared with The Wall Street Journal.
Silicon Valley security firm Palo Alto Networks, who found the malicious code in 467 apps on China’s Maiyadi App Store for Mac computers, disclosed the hacking tool in a research paper Wednesday afternoon. The apps had been downloaded more than 356,000 times, the company said.
Once in place, the WireLurker code can gather information from the infected iOS device, such as contacts and messages, and it can even request updates from the attackers.
Palo Alto Networks suggests a number of ways to avoid WireLurker, including loading an antivirus app, avoiding jailbreaking, and turning on Mac App Store installation restrictions that prevent apps from unknown third parties form being installed. Palo Alto warns users should not download and run Mac apps or games from third-party app stores, download sites, or other untrusted sources.
Users should also avoid installing unknown provisioning profiles, and should only pair their iOS devices with trusted computers and chargers.
