Cybersecurity experts at Palo Alto Networks published a report on Wednesday detailing a new malware infection that has affected more than 400 applications downloaded on Apple mobile and desktop devices.
The group described the malware, called "WireLurker," as the "biggest in scale we have ever seen" and the second to attack Apple's iOS over a USB connection. The team revealed that 467 applications were affected and had been downloaded 356,104 times. The actual number of users affected was not calculated, but the download count implied that hundreds of thousands of users had been hit.
The report also explained how WireLurker was able to penetrate the target device. The malware originated from a third-party Mac application store in China. Any iOS device that connects to an infected computer via USB will be infected, whether or not it is jailbroken.
"WireLurker monitors any iOS device connected via USB with an infected OS X computer and installs downloaded third-party applications or automatically generated malicious applications onto the device, regardless of whether it is jailbroken. This is the reason we call it 'wire lurker,'" the authors wrote.
The new malware is not easy to reverse-engineer because of its complex code, multiple versions, ability to hide files, and customized encryption.
The researchers were unable to determine what types of data or information the malware can collect, but based on its design, it can be used to obtain any type of information that the attacker wants.
"This malware is under active development, and its creator's ultimate goal is not yet clear," the researchers added.
The team recommends that users of the affected devices install antivirus or other security software and limit their downloading of third-party apps to mitigate the threat.
"They are still preparing for an eventual attack," said Ryan Olson, the director of threat intelligence at Palo Alto Networks, during an interview with the New York Times. "Even though this is the first time this is happening, it demonstrates to a lot of attackers that this is a method that can be used to crack through the hard shell that Apple has built around its iOS devices."