Friday, November 7, 2014

How Do You Protect Your iPhone From Wirelurker When They Don't Know What It Does?

I'm reading the tech news.  In reality I read it about every day and far too much of it is out there.  Your mind may haze up from time to time, and that's normal.

There's a new virus out there that they're calling "Wirelurker".  The big problem with this one is that they are still figuring out how it works and what it does.

The group that discovered the virus, Palo Alto Networks, let out a rather gloomy press release.  Basically, it said that you're probably already infected and even if you didn't get infected it will get you anyway through use of chargers or your Mac.

Huh?

Apparently it started as a rather fringe infection vector.  People who jailbroke their iPhones and connected to a third-party app store in China called Maiyadi got it first.

Chinese third party software.  Probably not the safest out there.

What it did was rewrite the apps that ran on the iPhone and add code to them that caused the virus to replicate and move on to the next victim.

So someone stepped out of the Walled Garden that Apple made and they got caught, end of problem, right?

Nope.

It infected their Macs, and moved on.  It also infected any other iOS devices plugged into the machines such as iPads and iPod Touch.

The recommendations for avoiding this virus are some of the broadest that I have ever seen.

This is the first time I saw a third party app store used as an illustration of a safer app store.  They recommend that if you do use third party apps, make sure it is the Cydia app store and only go to trustworthy sources.  Problem there is that you never really know since those third party app stores aren't really looking into the source code like Apple does.

They say don't even plug it into a charger that you don't know about and don't use any non-approved sources.  Since the virus is so stealthy you won't know that your charger is infected until later - but basically that lets the rest of the Windows world in.

There's a vulnerability with the USB devices that you have in your house.  More accurately, the USB devices you will buy to replace the ones you have now: plugs, cables, and chargers.  They can be rigged to push a virus into whatever they are connected to.  While this particular threat hasn't been seen in the wild, yet, give it time.  Yes, it's doom and gloom and fear mongering, but give it time.

Thinking about a new charger?  Better make sure that you spend the extra money and get it from a recognized source. 

If the whole charger thing is questionable, their stated concern is that if you have an infected iPhone on your network, the virus will walk back to the next phone that is connected to the network via email servers and the like. 

Once it is in your phone, it can theoretically grab your address book and spam your contacts thereby sharing the fun.  This is one of the first "traditional" viruses to hit the iPhone platform.

The Apple Myth of No Viruses Here was built because they have the reputation of "vetting", or looking over and analyzing, the software that sits on their own app stores.  If you remain in the Walled Garden, all will be well.  That is the theory and for the most part, up until now, it works.  However, since the infection vector is from outside of the walled garden and you have to go outside the garden to update or charge the phone, you will have a vulnerability.

The solution will be that Macs and iOS devices will need to run a virus scanner.  Once the virus definitions are kept up to date, this will clean out the problem. 

If it sounds familiar, welcome to the Windows world. 

Once the signature to the virus is found, it will get out to the Windows based virus scanners and that should clear it up as well.

But it isn't there yet, so stay tuned.

Bottom line is that if you have an iOS device, make sure you stick with Apple's App Store and stay tuned.
