Chinese Authorities Shut Down WireLurker Distribution Site, Arrest Suspects Involved

lightning_usb_cable_0_5_mLast Friday, Chinese authorities arrested three individuals that are suspected of developing the "WireLurker" malware, which infected thousands of mobile devices in China after Mac users installed malicious software from a third-party App Store.

According to a police post on Chinese social network Sina Weibo, the three men were arrested in Beijing on suspicion of "manufacturing and distributing" WireLurker after police received a tip from Chinese security company Qihoo 360 technology. In addition to arresting the suspects involved in the creation of the malicious software, Chinese authorities also shut down the site that was spreading it.

First publicized by researchers in early November, WireLurker is a trojan that infected thousands of Chinese iOS and Mac users after they installed software from the Maiyadi App Store, a third-party app platform that delivered more than 400 infected OS X applications.

WireLurker was able to attack iOS devices through Macs using USB, and was described as heralding "a new era in malware attacking Apple's desktop and mobile platforms." After being installed on a Mac, WireLurker would infect an iOS device using enterprise provisioning, making it the first malware capable of installing third-party applications on non-jailbroken iOS devices.

At the time information was published on WireLurker, infected apps had already been downloaded more than 356,104 times. Apple quickly took steps to block the infected apps, preventing them from launching, and in a statement, it reminded users not to install software from untrusted sources.

Just a week after WireLurker surfaced, another vulnerability in iOS was publicized by researchers. Called Masque Attack, it also infects iOS devices using enterprise provision profiles and is somewhat more dangerous, as it can replace existing apps with nearly undetectable fake versions.

Though it hasn't been found in the wild, Masque Attack prompted a warning from the U.S. government and a statement from Apple, with the company once again encouraging customers to download apps only from trusted sources.

Neither Masque Attack nor WireLurker are likely to affect the average iOS user as long as Apple's security features are not bypassed, as both vulnerabilities circumvent the App Store and Mac App Store to install apps.

Top Rated Comments

mgipe Avatar
98 months ago
Probably gave them an offer they couldn't refuse: go on the government payroll or go to jail.
Score: 13 Votes (Like | Disagree)
Michaelgtrusa Avatar
98 months ago
I will need to see more evidence before i'm convinced that this so called arrest isn't just propaganda.
Score: 11 Votes (Like | Disagree)
GeneralChang Avatar
98 months ago
My favorite part of these attacks are the part when I realize that because I download stuff only from the App Store and my company's website, I'm good. Love that security.
Score: 8 Votes (Like | Disagree)
macs4nw Avatar
98 months ago
"Neither Masque Attack nor WireLurker are likely to affect the average iOS user as long as Apple's security features are not bypassed, as both apps circumvent the App Store and Mac App Store to install apps."

And that's the key portion of the article, my friends. Live 'dangerously' at your own peril.
Score: 8 Votes (Like | Disagree)
Tzerlag Avatar
98 months ago
PLA unit 61398 didn't like the competition.
Score: 7 Votes (Like | Disagree)
nepalisherpa Avatar
98 months ago
There will be lurkers waiting for them in the prison. Good job!
Score: 6 Votes (Like | Disagree)

Popular Stories

Prosser Series 8 3

Apple Watch Series 8 Rumored to Feature New Design With Flat Display

Wednesday May 18, 2022 6:21 am PDT by
The Apple Watch Series 8 could feature an all-new design with a flat display, according to the leaker known as "ShrimpApplePro." In his latest video on the YouTube channel Front Page Tech, Jon Prosser highlighted information from ShrimpApplePro that suggests the Apple Watch Series 8 could feature a flat display in what seems to be a design originally rumored for the Apple Watch Series 7. ...
anker 563 dock ports

Anker's Latest USB-C Docking Station Brings Triple-Display Support to M1 Macs

Wednesday May 18, 2022 7:06 am PDT by
While Apple's early M1-based Macs can only officially support a single external display, there are ways around the limitation. Anker is launching a new 10-in-1 USB-C docking station today which delivers just that. The Anker 563 USB-C dock includes two HDMI ports and a DisplayPort port, and it leverages DisplayLink to carry multiple video signals over a single connection. Given that this hub...
macOS Monterey 2

Apple Releases macOS Monterey 12.4 With Support for Studio Display Webcam Update

Monday May 16, 2022 10:10 am PDT by
Apple today released macOS Monterey 12.4, the fourth major update to the macOS Monterey operating system that launched in October 2021. macOS Monterey 12.4 comes over two months after the launch of macOS Monterey 12.3, an update that added Universal Control. The ‌‌‌‌‌macOS Monterey‌‌ 12.4 update can be downloaded on all eligible Macs using the Software Update section of System...
Whatsapp Feature

WhatsApp to Let Users Leave Group Chats 'Silently' and View Rich Link Previews in Status Updates

Tuesday May 17, 2022 3:07 am PDT by
WhatsApp is working on a new feature that will allow users to "silently" leave group chats hosted by the messaging platform instead of all members of the group being notified when they do. As it stands, when someone leaves a group chat, WhatsApp announces their exit to the entire group, making the act of leaving very public. It's not possible right now to leave a group quietly, but WhatsApp...
apple data auction iphone privacy ad

Apple Highlights iPhone's Latest Privacy Features in New 'Data Auction' Ad

Wednesday May 18, 2022 9:00 am PDT by
Apple today shared a new ad highlighting iPhone privacy features like App Tracking Transparency and Mail Privacy Protection that are designed to give users more transparency and control when it comes to their personal data being collected. The ad revolves around a young woman named Ellie who discovers that her personal data is being sold at an auction house, with bids being placed on her...
airpodsproinear

Apple Facing Lawsuit After AirPods Allegedly Ruptured Child's Eardrums With Amber Alert

Tuesday May 17, 2022 11:40 am PDT by
Apple's AirPods ruptured the eardrums of a 12-year-old boy in 2020 when a loud Amber Alert was issued, according to a lawsuit filed against Apple in California (via Law360). The child, identified as B.G. in the filing, was watching a movie on Netflix on his iPhone in 2020 while wearing AirPods Pro. The AirPods Pro were allegedly set at a low volume, but an Amber Alert sounded without warning ...
apple store palo alto

Apple Reinstating Employee Mask Mandate at Approximately 100 U.S. Retail Stores

Tuesday May 17, 2022 11:11 am PDT by
Apple retail employees at around 100 stores will need to go back to wearing a mask while working, according to Bloomberg's Mark Gurman. Apple is mandating masks for employees again due to a rising number of COVID cases across the United States. Customers who visit an Apple Store are not required to wear a mask at this time, but Apple is continuing to recommend masks for all Apple Store...