China arrests iOS malware WireLurker suspects

18 Nov 2014

Three people have been arrested in China in relation to the suspected spread of iOS malware WireLurker.

The Beijing bureau of public security announced the arrest of suspects charged with spreading WireLurker, according to the BBC.

“Mainly infecting devices in China, the bug was one of the first pieces of malware to penetrate iPhone’s software controls.

“The Chinese authorities also shut down the site that had been spreading the malware.”

As reported a few weeks back, WireLurker has been around a little while now, brought into Europe and North America by travelling on the back of certain versions of pirated Chinese software, which installs the malware upon running the pirated product.

“WireLurker then hangs around the infected system until the user plugs in a mobile device with a USB cable, at which point it scrapes personal data and attempts to install malicious copies of apps,” reported The Guardian at the time.

“If the user’s device is jailbroken – hacked, to let them install software without Apple’s permission – then it steals far more information, such as old iMessages and the contents of the user’s address book.”

Ryan Olson, the intelligence director of Palo Alto Networks, which discovered the malware, said WireLurker is unlike anything they’ve ever seen in terms of Apple iOS and OS X malware.

“The techniques in use suggest that bad actors are getting more sophisticated when it comes to exploiting some of the world’s best-known desktop and mobile platforms.”

As reported by The Register, although Trojanised apps that spread WireLurker were downloaded hundreds of thousands of times, “the actual number of infections recorded by security firms such as Kaspersky Lab were relatively few.”

Unsecure mobile phone image via Shutterstock

Gordon Hunt was a journalist with Silicon Republic