1. Akshay Masand's Avatar


    According to news originally spotted by ZDNet, the Beijing Municipal Public Security Bureau announced the arrest of three suspects which are thought to be behind the “WireLurker” trojan which targeted Mac and iOS devices. The agency claims the suspects have been taken into custody under charges of conspiring to use the malware for illegal profits and the websites hosting the malware have been shut down.

    For those of you who don’t remember or didn’t follow the news, security research firm Palo Alto Networks detailed the WireLurker malware in a paper earlier this month. According to their findings, WireLurker inserts itself onto a Mac running OS X then jumps to iOS devices over USB. Unlike previous attacks, WireLurker was capable of affecting non-jailbroken hardware as well. The malware took advantage of an app provisioning vulnerability and laid dormant on a user’s computer in an infected OS X app. It then monitored for new iOS devices and installed malicious apps downloaded from an off-site server or generated on the device. From there, the malware was able to access user information such as contacts, iMessages and even perform other functions determined by the command-and-control server.

    Apple alongside several analysts and speculators alike claimed WireLurker was only a threat to users who disable Apple’s default security measures as the enterprise provisioning certificates used in the attack were blocked by Apple shortly after the discovery of the issue. With the growth of Apple’s global smartphone market share continuing to rise, it is slowly becoming an increasingly important target for malicious hackers. Fortunately, smaller issues such as this one help patch security loopholes that help strengthen the overall security of the iOS platform. Going forward, issues similar to WireLurker will hopefully be unable to affect us iOS users!

    Source: Sina Weibo via ZDNet

    Twitter: @AkshayMasand
    2014-11-18 06:28 PM
LINK TO POST COPIED TO CLIPBOARD