Security company Palo Alto Networks reports a piece of malware is targeting Apple devices in China.
The malware is called WireLurker, and in six months, it infected more than 400 OS X applications. Palo Alto Networks says those infected apps have racked up more than 350,000 downloads through a third-party app store in China.
"The viruses can then get transferred from infected Macs onto iPhones through USB connector cables. Palo Alto Networks thinks the attackers were Chinese and says most of the users were hit in China thus far." (Video via CNBC)
WireLurker is also notable because it doesn't require jailbroken targets. It's the first iOS malware known to use enterprise provisioning, which lets companies distribute software and apps without app store approval.
Once it's installed, WireLurker has full access to user data stored on the phone, but, as far as Palo Alto Networks knows, it so far hasn't done anything with that access. Palo Alto Networks researcher Ryan Olson told PCWorld:
"We think we sort of caught someone developing the attack, and they haven't gotten to the point of launching the full attack. From our perspective, it still looks like an information gathering operation."
There's no such thing as perfect security from this or any other sort of malware, but the refrain from across the Web is a familiar one:
"Users should not download and run Mac apps or games from third-party app stores, download sites, or other untrusted sources and jailbreaking should be avoided."
In a statement to TechCrunch, Apple said it was aware of the malware problem, "and we've blocked the identified apps to prevent them from launching." It, too, recommended sticking to trusted sources for app downloads.
This video includes images from Getty Images.