Apple blocks WireLurker iPhone malware apps

By Chris Davies/Nov. 6, 2014 10:44 am EST

Apple has blocked the suspect apps behind the WireLurker malware discovered targeting iPhone users in China, effectively minimizing the likelihood of casual infections. The exploit made headlines yesterday for its supposed virulence, watching out for iOS devices being connected to compromised Macs and then grabbing data from them. According to Apple, however, the issue has already been addressed for the most part, while a little common-sense could prevent anyone still at risk from succumbing.

WireLurker was identified by security research firm Palo Alto Networks, which dubbed the exploit "unprecedented" in its announcement. The hack relies on a compromised app being installed on a Mac, with a group apparently releasing compromised versions of popular titles to Chinese download sites.

When an iOS device is connected via USB to an infected Mac, it tries to suck out as much information as it can.

"We are aware of malicious software available from a download site aimed at users in China, and we've blocked the identified apps to prevent them from launching," Apple said in a statement. "As always, we recommend that users download and install software from trusted sources."

Even before the apps being blocked, the likelihood of an iPhone user actually being impacted by the exploit was low. For a start, it was based on owners going hunting for unofficially distributed software rather than sourcing it through the Mac App Store.

At greatest risk – in the grand scheme of threat levels – would be those with jailbroken iPhones who were taking advantage of the software security bypasses to install stolen or poorly checked apps.

There, Apple's decision to revoke the enterprise certificate won't be so helpful, hence the advice to stick to legitimate sources.

That's not to say jailbreaking your iPhone or iPad is an automatic "no", since there are many other reasons beyond pirated software that people opt to dig into their device's software. The possibility of stumbling first across compromised software and installing it on your Mac is low, though it's probably a sensible idea not to plug your iPhone into a stranger's laptop in general, even if they're simply offering you a friendly recharge.