How to protect your iPhone from Wirelurker, the first iOS malware

A new report from Palo Alto Networks says that a new malware, called Wirelurker, is able to infiltrate iOS devices. Though Wirelurker shows possible vulnerabilities in the iPhone, the malware is contained in China and those who download unapproved applications.

Adrees Latif/Reuters
A customer is silhouetted while entering the Fifth Avenue Apple store on Sept. 19.

If you're an iPhone owner, you've had virtually no reason to think your phone has a virus. As long as you only downloaded Apple-approved apps, the risk of malware on your phone was minimal.

But on Wednesday, security firm Palo Alto Networks detected a malware program, dubbed Wirelurker, that was found to infiltrate iOS devices. In the past six months, Wirelurker was able to attack 467 applications on Maiyadi, a China-based third-party app store for Mac computers. The infected apps are believed to have been downloaded 356,104 times. 

For American readers, there are no signs that you should worry about the malware, assuming you haven't downloaded unauthorized Chinese apps. Wirelurker has been confined to China thus far and has had little effect there.

Until now, Apple products have had a very clean malware record because Apple has tight control of its App Store products. Apps must be approved by Apple before they will work on iOS devices. However, users could disable this protection to allow non-approved apps to work on iPhones,\ through a process known as jailbreaking.

Though not a huge threat to Americans, Wirelurker is important to note because it is the first of its kind, according to Palo Alto Networks, and the vulnerabilities it exposed could pose a threat to other Apple devices. Wirelurker was able to get on phones that weren't jailbroken through a process known as enterprise provisioning, which is when a software uses an official identification to let third-party apps onto iOS devices. The IDs are normally reserved for large businesses to allow them to create apps without the hassle of being approved, but Wirelurker showed that it is possible to forge one. 

"It is the first in-the-wild malware to install third-party applications on non-jailbroken iOS devices through enterprise provisioning," Claud Xiao, researcher at Palo Alto Networks, wrote on the company's site.

Wirelurker is believed to have first penetrated a computer through an unauthorized Chinese app. It then installs itself on an iPhone when the device is connected to the infected computer through a USB connection. Once on a phone, the malware has access to all of the phone's data. 

"From a broad perspective, the ecosystem is still in pretty good shape," Ryan Olson, an intelligence director at Palo Alto Networks, told the Verge. "[B]ut this is the first door we've seen opening into the iOS world."

The problem will be tricky to solve, but it isn't time to ditch your iPhone. Apple says it knows about the problem and is working to fix it.

"We are aware of malicious software available from a download site aimed at users in China, and we’ve blocked the identified apps to prevent them from launching," an Apple spokesperson told The Huffington Post. "As always, we recommend that users download and install software from trusted sources."

Here are some tips to protect your Apple devices from Wirelurker and other malware.

Make sure that you only download approved apps from the App Store. If you have a Mac, you can ensure that third-party apps are blocked by going into your System Preferences and clicking "Security and Privacy." Then select "Allow apps downloaded from Mac App Store." Now your computer will not be able to install software from an unauthorized source.

You should also download an OS X antivirus application. Tom's Guide put together a great list of free antivirus packages. If you think your computer is infected with Wirelurker, you can run Palo Alto Networks' Wirelurker detector or install Little Snitch, which will reveal suspicious outgoing connections.

Also, iPhone owners should never connect to an untrusted computer or charger. Doing so could possibly install malware on your device. 

And alas, think twice before you jailbreak your phone, and make sure that your iOS and OS X software is always up-to-date. Each update patches vulnerabilities, so keeping your software updated ensures that your computer is as protected as possible.

You've read  of  free articles. Subscribe to continue.
Real news can be honest, hopeful, credible, constructive.
What is the Monitor difference? Tackling the tough headlines – with humanity. Listening to sources – with respect. Seeing the story that others are missing by reporting what so often gets overlooked: the values that connect us. That’s Monitor reporting – news that changes how you see the world.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to

QR Code to How to protect your iPhone from Wirelurker, the first iOS malware
Read this article in
QR Code to Subscription page
Start your subscription today