Apple’s good reputation around security has mainly been due to lack of marketshare and lack of high-value targets but a new piece of malware may alter that perception. The new malware infects both OS X and iOS and has already potentially compromised hundreds of thousands of devices.
Dubbed Wirelurker, this new piece of malware was discovered by researchers after it infected hundreds of Mac OS X applications on the Maiyadi Store, a third party Mac application store in China.
Through the app store downloads it would spread to iMacs and Macbooks where it would wait for a USB connection to an iPhone. Once available the malware would spread itself onto the phone, where it would either inject a test app, or replace certain money transfer apps depending on whether the iPhone was jailbroken or not.
And it does all of this by using Apple’s enterprise app deployment system, designed to allow mass deployment of software without going through the App Store.