Symantec Security Response is currently investigating OSX.Wirelurker, a threat that targets Apple computers running Mac OS X and Apple devices running iOS. Wirelurker can be used to steal information from compromised iOS devices.
Figure. Maiyadi App Store
Wirelurker has been discovered on the Maiyadi App Store, a third-party App store in China. The threat is trojanized into pirated Mac OS X applications. Once a pirated application has been downloaded onto a computer running OS X, Wirelurker will spread to any iOS device connected to that computer with a USB cable. Wirelurker can then install malicious applications, even if the iOS device is not jailbroken.
Symantec protection
Symantec detects Wirelurker as:
Here are some steps Mac users can take to avoid malware like OSX.Wirelurker:
- Do not download pirated Mac OS X applications from third-party app stores
- Avoid connecting iOS devices to unknown or untrusted computers
- Install security software on Mac OS X computers