Chinese Authorities Shut Down WireLurker Distribution Site, Arrest Suspects Involved

[MacRumors]

Last Friday, Chinese authorities arrested three individuals that are suspected of developing the "WireLurker" malware, which infected thousands of mobile devices in China after Mac users installed malicious software from a third-party App Store.

According to a police post on Chinese social network Sina Weibo, the three men were arrested in Beijing on suspicion of "manufacturing and distributing" WireLurker after police received a tip from Chinese security company Qihoo 360 technology. In addition to arresting the suspects involved in the creation of the malicious software, Chinese authorities also shut down the site that was spreading it.

First publicized by researchers in early November, WireLurker is a trojan that infected thousands of Chinese iOS and Mac users after they installed software from the Maiyadi App Store, a third-party app platform that delivered more than 400 infected OS X applications.

WireLurker was able to attack iOS devices through Macs using USB, and was described as heralding "a new era in malware attacking Apple's desktop and mobile platforms." After being installed on a Mac, WireLurker would infect an iOS device using enterprise provisioning, making it the first malware capable of installing third-party applications on non-jailbroken iOS devices.

At the time information was published on WireLurker, infected apps had already been downloaded more than 356,104 times. Apple quickly took steps to block the infected apps, preventing them from launching, and in a statement, it reminded users not to install software from untrusted sources.

Just a week after WireLurker surfaced, another vulnerability in iOS was publicized by researchers. Called Masque Attack, it also infects iOS devices using enterprise provision profiles and is somewhat more dangerous, as it can replace existing apps with nearly undetectable fake versions.

Though it hasn't been found in the wild, Masque Attack prompted a warning from the U.S. government and a statement from Apple, with the company once again encouraging customers to download apps only from trusted sources.

Neither Masque Attack nor WireLurker are likely to affect the average iOS user as long as Apple's security features are not bypassed, as both vulnerabilities circumvent the App Store and Mac App Store to install apps.

Article Link: Chinese Authorities Shut Down WireLurker Distribution Site, Arrest Suspects Involved

 

[nepalisherpa]

There will be lurkers waiting for them in the prison. Good job!

 

[aliensporebomb]

Yep.....

Pretty swift action there - Apple obviously wanted it addressed and fast.

 

[Michaelgtrusa]

I will need to see more evidence before i'm convinced that this so called arrest isn't just propaganda.

 

[Alimar]

Curse 'em out!

 

[macs4nw]

"Neither Masque Attack nor WireLurker are likely to affect the average iOS user as long as Apple's security features are not bypassed, as both apps circumvent the App Store and Mac App Store to install apps."

And that's the key portion of the article, my friends. Live 'dangerously' at your own peril.

 

[GeneralChang]

My favorite part of these attacks are the part when I realize that because I download stuff only from the App Store and my company's website, I'm good. Love that security.

 

[xARx2]

At the end: Use Apple's app store only?
Oh well. Could have sideloaded some apps, but now I am mildly scared.

 

[PowerBook-G5]

Good for you China! (and your highly-regulated or whatever internet?)

 

[mgipe]

Probably gave them an offer they couldn't refuse: go on the government payroll or go to jail.

 

[sodapop1]

Hello reeducation camps

 

[Tzerlag]

PLA unit 61398 didn't like the competition.

 

[The Barron]

You get what you pay for.

My favorite part of these attacks are the part when I realize that because I download stuff only from the App Store and my company's website, I'm good. Love that security.

I agree completely. Easy come - easy go.

Let the "buyer" beware.

 

[WardC]

-comment removed-

 

[Col4bin]

Nice to see the Chinese government take action against these scumbags

 

[MacSince1990]

My favorite part of these attacks are the part when I realize that because I download stuff only from the App Store and my company's website, I'm good. Love that security.

Well, yeah... I mean if you never go outside you can't get robbed... but you also never get to see the sun.

Walking within the designated lines is safer, but it's also pretty boring.

 

[SchneiderMan]

Why I imagined the arrests had gone down like the movie The Raid in not sure.

 

[Archer1440]

Can you imagine being arrested by Chinese authorities?

One time in Shanghai (2007), I saw a man on a scooter hit by a man in a car at an intersection, with the car driver being clearly at fault.

The car driver proceeded to kick and beat the scooter rider senseless.

No one did anything to stop him.

The car driver was in a military uniform.

 

[allanfries]

There will be lurkers waiting for them in the prison. Good job!

Yeah, China definitely knows how to deal with criminals. Thats a given.

 

[KPOM]

Good for you China! (and your highly-regulated or whatever internet?)

A part of me still suspects that China was behind these attacks.

 

[syvwu]

Created by the Chinese. Aimed for the Chinese.
Western stuffs are evil in the eye of the CCP.

 

[Tech198]

I will need to see more evidence before i'm convinced that this so called arrest isn't just propaganda.

I guess being in China won't give anyone much confidence...

After all they spy on the U.S.... how we we can them seriously...

This is, by the way, the same people who develop their own phones for their own market because they reckon iOS is spying on them...

And now this arrest ?

 

[MacbookSwitcher]

Probably gave them an offer they couldn't refuse: go on the government payroll or go to jail.

They were probably already on the government payroll. These "arrests" may just be for show.

 

[nostaws]

Anyone need a kidney? Six are becoming available.

 

[wxman2003]

Wow, the Chinese authorities can catch these hacks in a short time, but they just can't seem to find those sneaky hackers who broke into US government sites.