Acting swiftly, Apple has blocked apps infected with the newly discovered WireLurker malware that attacks iOS devices through OS X, and is primarily targeted at iPhone and iPad users in China.
“We are aware of malicious software available from a download site aimed at users in China, and we’ve blocked the identified apps to prevent them from launching”, the Cupertino-based company said in a statement, adding that users should only download and install software from trusted sources.
WireLurker works by first infecting Mac computers and then hopping to iOS devices connected to the infected machines via USB. Capable of infecting both jailbroken and non-jailbroken iOS devices, the malware can steal a victim’s address book, read iMessage text messages, and request updates from its command-and-control server.
Discovered by security experts at Palo Alto Network, the malware is known to have infected a total of 467 applications present in the Maiyadi App Store, a third-party Mac app store in China, which is different from the official Mac App Store controlled by Apple itself. The infected apps had been downloaded over 350,000 times.
The company described WireLurker as heralding "a new era in malware attacking Apple's desktop and mobile platforms", adding that it is the first known malware that can infect installed iOS applications similar to a traditional virus.
Last week, a Swedish white-hat hacker by the name of Emil Kvarnhammar discovered a serious security hole in Apple’s newly released Yosemite OS X operating system. Dubbed Rootpipe, the vulnerability allows outside users to gain root-level access to Macs running Apple's desktop OS.