‘WireLurker’ Malware Affecting Macs and iOS Devices in China

‘WireLurker’ Malware Affecting Macs and iOS Devices in China

The New York Times reports researchers from Palo Alto Networks have published a research paper detailing how a new malware strain is infecting both Mac computers and iOS devices. “WireLurker” targets users in China.



The WireLurker malware is the “biggest in scale” in the trojanized malware family, and it is able to attack iOS devices through OS X using USB. It’s said to be able to infect iOS applications similar to a traditional virus, and it is the first malware capable of installing third-party applications on non-jailbroken iOS devices “through enterprise provisioning.”

So far, the WireLurker malware has been found in 467 OS X apps in the Maiyadi App Store, a popular third-party Mac app store in China. The infected apps have been downloaded a total of 356,104 times.

The researchers say WireLurker monitors a Mac’s USB ports, looking for an iOS device it can infect. It then installs malicious third-party apps onto the device.

WireLurker monitors any iOS device connected via USB with an infected OS X computer and installs downloaded third-party applications or automatically generated malicious applications onto the device, regardless of whether it is jailbroken. This is the reason we call it “wire lurker”. Researchers have demonstrated similar methods to attack non-jailbroken devices before; however, this malware combines a number of techniques to successfully realize a new brand of threat to all iOS devices.

Once in place, the WireLurker code can gather information from the infected iOS device, such as contacts and messages, and it can even request updates from attackers.

Palo Alto Networks suggest a number of ways to avoid WireLurker, including loading an antivirus app, avoiding jailbreaking, and turning on Mac App Store installation restrictions that prevent apps from unknown third parties form being installed. Palo Alto warns users should not download and run Mac apps or games from third-party app stores, download sites, or other untrusted sources.

Users should also avoid installing unknown provisioning profiles, and should only pair their iOS devices with trusted computers and chargers.

While Palo Alto Networks says they have informed Apple about the malware, an Apple spokesperson declined to comment.


  1. Google Maps for iOS Now Includes Waze Realtime Traffic Data
  2. Apple Adds ‘Apple Events’ App to Apple TV App Store, Just in Time for Monday’s ‘Let Us Loop You In’ Event
  3. Apple is Now Selling Refurbished iPhone 6s Models in its Online Store
  4. GooPad mini – The First Shameless Chinese iPad mini Ripoff!
  5. Apple’s Much Rumored San Francisco Office Opening Confirmed – Move In Scheduled for Summer
  6. Apple to Launch 15-Inch MacBook Air in 2012?
Apple Giveaways

iPhone X Giveaway



MacBook Pro Giveaway



10.5″ iPad Pro Giveaway



iPhone 8 Plus Giveaway