A new iPad is seen following a presentation at Apple headquarters
Here is a list of best features of the brand new Apple iPad Pro. Pictured above: A new iPad is seen following a presentation at Apple headquarters in Cupertino, California October 16, 2014. Reuters/Robert Galbraith

Apple devices have been infected by "WireLurker" malware, which affects iOS and OS X. The virus, which affected Chinese users, allegedly attacks Mac devices via USB.

According to PCMag, WireLurker happens to be the second malware to attack iOS devices via USB. However, this is the first malware that acts like a conventional virus. A detailed report on the malware attack revealed that malicious apps have been downloaded more than 300,000 times. According to the research, WireLurker is the beginning of a new era in malware attacks. This is the biggest malware attack through repackaged or trojanised OS X apps.

Things to Know

  • It automatically generates malicious iOS apps through binary file replacement.
  • It looks like a traditional virus that can infect apps installed on iOS platforms.
  • It installs third-party apps on iOS devices which are not jailbroken. It does so by enterprise provisioning.
  • Hundreds and thousands of users in China may have been impacted by this malware attack as the infected apps have been downloaded for more than 356,104 times.
  • The goal of the creator of the malware is unclear, which makes it even more dangerous.

How It Works

  • This malware attacks iOS devices via USB.
  • It automatically generates malicious apps on devices. Alternatively, it also installs third-party apps which are downloaded.
  • It can attack Apple devices even if it is jailbroken. It combines multiple techniques to realise a new kind of threat to every iOS device.
  • WireLurker uses code obfuscation, customised encryption, complex code structure, file hiding and multiple component versions to thwart anti-reversing.
  • It steals a wide range of information for Apple devices by infecting them. It asks user to have regular updates from its own control server and command.

What You Should Do

  • Make sure your mobile traffic is routed via a system that has threat prevention capabilities.
  • Set "Allow apps downloaded from Mac App Store (or Mac App Store and identified developers)" by going to the System Preferences and then Security & Privacy."
  • Install a security application suitable for Apple devices. Keep the signature of the antivirus product up-to-date.
  • If you decide to jailbreak your device, do it only with credible sources. Otherwise, do not attempt to jailbreak at all.
  • Never download Mac games or apps from a third-party website or any untrusted source.
  • Never connect iOS devices with unknown or untrusted devices. Do not connect your iOS device with untrusted accessories either.
  • Do not charge iOS devices through chargers from unknown or untrusted sources.
  • Update your iOS.

Source: Palo Alto Networks

Contact the writer: s.mukhopadhyay@ibtimes.com.au