Apple has taken rapid action against WireLurker, the malware that attacked lakhs of iPhone and iPad users in China. On Thursday, security software developer Paulo Alto found a new potential threat in China, that attacks iOS based devices once they get connected to any Mac computer via USB cable.
WireLurker is the first malware, which is able to attack the non-jailbroken iOS devices. The malware is responsible to infect several Apple devices through a third party iOS dedicated app store and a few sites.
"We are aware of malicious software available from a download site aimed at users in China, and we've blocked the identified apps to prevent them from launching," Apple said in an email to Reuters.
"As always, we recommend that users download and install software from trusted sources," Apple said.
Though Apple haven't elaborated the process on how they will be able to disinfect the compromised iPhones and iPad devices, it is expected that they will issue some patches to prevent installation from any third party stores. Also, what if a user use a non iOS based Internet browser instead of Apple made Safari? Will they be able to block those sites if opened via third party browsers too?
In our experience, most of the major attacks happen through third-party app stores only. This scenario is especially true with Android devices. There are hundreds of App stores like BlackMarket, that offer free software, which are usually counted into paid app category in Google Play Store. Downloading those apps for free via these third party stores is usually compromised with some stealth code injected.
The entire major operating system platform, including Apple and Google always ask users to stay safe by avoiding these stores.
Apple doesn't allow any apps to their devices without their consent. That's why it is believed that WireLurker has created a backdoor into iPhones and iPads through hacking the Mac computers.