Symantec Security Response is currently investigating OSX.Wirelurker, a threat that targets Apple computers running Mac OS X and Apple devices running iOS. WireLurker can be used to steal information from compromised iOS devices.
Figure. Maiyadi App Store
WireLurker was discovered on the Maiyadi App Store, a third-party app store in China. The threat is Trojanized into pirated Mac OS X applications. Once a pirated application has been downloaded onto a computer running OS X, WireLurker will spread to any iOS device connected to that computer with a USB cable. WireLurker can then install malicious applications, even if the iOS device is not jailbroken.
Symantec protection
Symantec detects WireLurker as:
Here are some steps Mac users can take to avoid malware like OSX.Wirelurker:
- Do not download pirated Mac OS X applications from third-party app stores
- Avoid connecting iOS devices to unknown or untrusted computers
- Install security software on Mac OS X computers