For the first time iDevices are subject to a virus capable of infiltrating through a simple USB computer connection . We all know that the iOS ecosystem and Apple’s OS X is considered the safest, especially in regards to the iOS. According to Palo Alto Networks, a US security firm software, about 400 applications for Mac has been infected with the virus and downloaded over 350 000 times.
The modus operandi This newcomer is based on a configuration of iPhones and iPads in series system. This system configuration mainly by companies that use iDevices as mobile devices for their employees is used. For the system to work, the company has to develop a Porvisionig Profile, ie, a configuration file that allows the company to develop its own software and install it only on devices company. This allows the company to set up large volumes of devices at once.
WireLurker using this configuration file as input means for perfectly safe iDevices (never been jailbreakados by example) and you can easily change the applications that we have installed. For the geeks, the WireLurker can change the binary code generated by .ipa files present on iDevices so getting access to information that is sandboxed ie
The origin of this virus is a “store” of Chinese applications call Maiyadi App Store . At bottom this store allows users to install the Provisioning Profile Maiyadi and thereafter the iDevices consider that counterfeit applications, provided they are legitimate. This Maiyadi App Store also lets you download apps for OSX and iDevices that are connected via USB to that infected Mac, if they have a Provisioning Profile installed any (legitimate or not), become potential victims of WireLurker.
Apple has already responded:
“We have a knowledge of available downloads for users in China website malicious software, and already we block applications identified to prevent them smoothly. . As always, users are advised to make downloading and installing software from trusted sources “
Ryan Olson, director of the department of Computer Attacks at Palo Alto Networks told The Times:
“Although it is the first time that this is happening, many potential hackers shows that this method is capable of penetrating the fort erected by Apple around their iDevices “
We recommend that anyone who uses an iDevice Provisioning Profile with the company to be wary of installing apps on their Macs and have attention to Macs that connect your iDevices.
No comments:
Post a Comment