How to protect your iPhone from Wirelurker, the first iOS malware
Loading...
If you're an iPhone owner, you've had virtually no reason to think your phone has a virus. As long as you only downloaded Apple-approved apps, the risk of malware on your phone was minimal.
But on Wednesday, security firm Palo Alto Networks detected a malware program, dubbed Wirelurker, that was found to infiltrate iOS devices. In the past six months, Wirelurker was able to attack 467 applications on Maiyadi, a China-based third-party app store for Mac computers. The infected apps are believed to have been downloaded 356,104 times.
For American readers, there are no signs that you should worry about the malware, assuming you haven't downloaded unauthorized Chinese apps. Wirelurker has been confined to China thus far and has had little effect there.
Until now, Apple products have had a very clean malware record because Apple has tight control of its App Store products. Apps must be approved by Apple before they will work on iOS devices. However, users could disable this protection to allow non-approved apps to work on iPhones,\ through a process known as jailbreaking.
Though not a huge threat to Americans, Wirelurker is important to note because it is the first of its kind, according to Palo Alto Networks, and the vulnerabilities it exposed could pose a threat to other Apple devices. Wirelurker was able to get on phones that weren't jailbroken through a process known as enterprise provisioning, which is when a software uses an official identification to let third-party apps onto iOS devices. The IDs are normally reserved for large businesses to allow them to create apps without the hassle of being approved, but Wirelurker showed that it is possible to forge one.
"It is the first in-the-wild malware to install third-party applications on non-jailbroken iOS devices through enterprise provisioning," Claud Xiao, researcher at Palo Alto Networks, wrote on the company's site.
Wirelurker is believed to have first penetrated a computer through an unauthorized Chinese app. It then installs itself on an iPhone when the device is connected to the infected computer through a USB connection. Once on a phone, the malware has access to all of the phone's data.
"From a broad perspective, the ecosystem is still in pretty good shape," Ryan Olson, an intelligence director at Palo Alto Networks, told the Verge. "[B]ut this is the first door we've seen opening into the iOS world."
The problem will be tricky to solve, but it isn't time to ditch your iPhone. Apple says it knows about the problem and is working to fix it.
"We are aware of malicious software available from a download site aimed at users in China, and we’ve blocked the identified apps to prevent them from launching," an Apple spokesperson told The Huffington Post. "As always, we recommend that users download and install software from trusted sources."
Here are some tips to protect your Apple devices from Wirelurker and other malware.
Make sure that you only download approved apps from the App Store. If you have a Mac, you can ensure that third-party apps are blocked by going into your System Preferences and clicking "Security and Privacy." Then select "Allow apps downloaded from Mac App Store." Now your computer will not be able to install software from an unauthorized source.
You should also download an OS X antivirus application. Tom's Guide put together a great list of free antivirus packages. If you think your computer is infected with Wirelurker, you can run Palo Alto Networks' Wirelurker detector or install Little Snitch, which will reveal suspicious outgoing connections.
Also, iPhone owners should never connect to an untrusted computer or charger. Doing so could possibly install malware on your device.
And alas, think twice before you jailbreak your phone, and make sure that your iOS and OS X software is always up-to-date. Each update patches vulnerabilities, so keeping your software updated ensures that your computer is as protected as possible.