Monthly Archives: November 2014

Apple Addresses WireLurker Malware

Posted by Clayton Bellot on November 07, 2014

By now, you may have heard about one of the latest instances of malware to affect Apple’s operating systems. This malware, dubbed WireLurker, has shown that there is an increased movement toward targeting Apple users, who for years have indicated that Macs just don’t get viruses. The articles below also point out the dangers of jailbreaking a phone and installing third-party apps, and the need to run an up-to-date antivirus on Mac operating systems.

http://www.computerworld.com/article/2844700/the-iphone-wirelurker-malware-what-you-need-to-know.html

http://www.scmagazine.com/the-command-and-control-server-for-wirelurker-has-been-taken-offline/

Below are recommendations provided by Palo Alto Networks to help prevent WireLurker and similar threats:

  • Employ an antivirus or security protection product for the Mac OS X system and keep its signatures up-to-date
  • In the OS X System Preferences panel under “Security & Privacy,” ensure “Allow apps downloaded from Mac App Store (or Mac App Store and identified developers)” is set
  • Do not download and run Mac applications or games from any third-party app store, download site or other untrusted source
  • Keep the iOS version on your device up-to-date
  • Do not accept any unknown enterprise provisioning profile unless an authorized, trusted party (e.g. your IT corporate help desk) explicitly instructs you to do so
  • Do not pair your iOS device with untrusted or unknown computers or devices
  • Avoid powering your iOS device through chargers from untrusted or unknown sources
  • Similarly, avoid connecting iOS devices with untrusted or unknown accessories or computers (Mac or PC)
  • Do not jailbreak your iOS device; if you do jailbreak it, only use credible Cydia community sources and avoid the use or storage of sensitive personal information on that device

Additionally, it should be noted that there is a variant of this malware available for Windows and that Palo Alto Networks has provided tools on their GitHub site to detect WireLurker for both Mac OS X and Windows operating systems.