- Joined
- Jan 22, 2007
- Messages
- 8,426
Just a friendly heads up...
http://mashable.com/2014/11/06/wirelurker-ios-malware
Read more at the link.
http://mashable.com/2014/11/06/wirelurker-ios-malware
Read more at the link.
Warning for the iPeople - new malware targets iOS devices
- Thread starter Administrator_JSVN
- Start date
From the same source:
Translation: If you have a jailbroken device, are accessing probably illegal downloads from a Chinese "App Store" and have lowered the settings for security on your device to a minimum then you areasking for trouble really potentially open to infection.
It's nice to see Apple do something about it so quickly though [smile]
Translation: If you have a jailbroken device, are accessing probably illegal downloads from a Chinese "App Store" and have lowered the settings for security on your device to a minimum then you are
It's nice to see Apple do something about it so quickly though [smile]
Michael Kellough
Member
- Joined
- Jan 23, 2007
- Messages
- 7,096
If you file your finger down to a point and stick it in an electrical outlet you could get a shock!
But, thanks anyway Shane.
But, thanks anyway Shane.
SittingElf
Member
- Joined
- May 28, 2013
- Messages
- 1,371
This malware is primarily focused on the Chinese market and is limited to a few programs that are downloaded from China. What the takeaway from this virus is that people are downloading from a site that is not certified by Apple and not from the App Store.
Buying your programs from the Official Apple IOS App Store, or from companies with programs certified by Apple will eliminate any danger of this malware reaching your IOS device.
Read this from MacRumors.com:
WireLurker Info
Cheers,
Frank
Buying your programs from the Official Apple IOS App Store, or from companies with programs certified by Apple will eliminate any danger of this malware reaching your IOS device.
Read this from MacRumors.com:
WireLurker Info
Cheers,
Frank
- Joined
- Jan 22, 2007
- Messages
- 8,426
The device does not have to be jailbroken, according to the article.
Like I said, just sharing. Probably not a big concern currently, but it's a proof of concept and will likely be copied and improved upon.
Like I said, just sharing. Probably not a big concern currently, but it's a proof of concept and will likely be copied and improved upon.
- Joined
- Jan 22, 2007
- Messages
- 8,426
Wuffles said:
Sorry, must have been in another article I read about it then. But, I did read that it will affect devices that are not jailbroken.
Because part of the attack happens over USB, it looks like one only needs to have downloaded the infected app (from the Chinese app store) to a computer. iPhones and iPads could be infected by connecting to computers with these apps downloaded. Of course, one still has to proactively "trust" the computer to start the sync.
- Joined
- Jan 22, 2007
- Messages
- 8,426
And, another vulnerability announced for iOS today. Again under specific circumstances to be prone to an attack. Just sharing.
http://mashable.com/2014/11/10/ios-masque-attack/
http://mashable.com/2014/11/10/ios-masque-attack/
- Joined
- Nov 14, 2013
- Messages
- 3,575
Shane Holland said:
You forgot to post this portion of the story:
"The real-world potential threat is benign, for now.
The good news about Masque Attack is that even though it is indeed possible for someone to install a nasty version of a legitimate app on a non-jailbroken iOS device, the real world potential for damage is more limited.
That's because, tools like WireLurker notwithstanding (WireLurker requires a malware-infected Mac app to work over USB), the user needs to initiate the non-App Store installation on their device."
Unless you are an app developer with lax security habits, this is VERY unlikely to affect you.
If someone intentionally runs a program to reformat a hard drive, and they lose data as a result, does that constitute a "vulnerability" in the operating system that allowed the program to run?
This does not strike me as being an OS vulnerability so much as a phishing-type attack - the users are tricked into doing something that the OS has every reason to let them do.
This does not strike me as being an OS vulnerability so much as a phishing-type attack - the users are tricked into doing something that the OS has every reason to let them do.
