Wirelurker site in China taken down, suspects arrested

The Mac/iOS malware was able to install on non-jailbroken iOS devices, but was quickly neutered. Three suspects are in custody.

Chinese authorities have shut down the web sites responsible for the Wirelurker malware and arrested suspects in the case, according to a statement by the Beijing Municipal Bureau of Public Security on Sina Weibo, a Chinese microblogging service.

Wirelurker appeared earlier this month, breaking new ground as malware that could attack non-jailbroken iOS devices. The scenario is complicated and is unlikely to work well in the United States: it involved iOS malware available in third-party app stores, which are not commonly used here.

According to Palo Alto Networks, which publicly revealed the threat, it begins with malware running on a Mac OS X system (a less-successful Windows version of this malware was also found). The malware could download the malicious apps from the third-party stores and, when it detected an iOS device connected through the USB port, install the malicious apps on the device.

The malware was able to install on non-jailbroken iOS devices because the attackers used enterprise certificates to sign the apps. Apple has since revoked these certificates. Palo Alto estimated that hundreds of thousands of users installed the malicious apps.

The Chinese authorities say that three suspects (Chen, Lee and Wang) are under arrest for making and distributing the malware and that the site has been shut down.

Hat tip to SecurityWeek.
