"first infecting Macs by inserting trojan software through repackaged OS X apps,..."
If you have OSX configured properly to not allow unsigned apps, then they wouldn't be installed. These are repackaged apps so unless someone re-signed them with an authentic signature, they would get installed. Of course, I wonder how many people turn this feature off. As far as it infecting iOS devices, that's something enterprise IT personnel have to be aware of since they are given the ability to bypass Apple's security in the App Store.
In any case this isn't good! This means that these hackers are focusing more energy towards Apple. I hope Apple can patch this, even though it is human error not on Apple's part, and make iOS security stronger, which I'm sure they will.
No, this is what happens when your entire culture condones theft. The malware writers are exploiting this cultural reality. I wouldn't be surprised if one of our 3-letter government agencies was behind this.
I agree. But Apple can't just stand by and watch without doing anything to protect its products and users. Yes, even the stupid ones!
"first infecting Macs by inserting trojan software through repackaged OS X apps,..."
If you have OSX configured properly to not allow unsigned apps, then they wouldn't be installed. These are repackaged apps so unless someone re-signed them with an authentic signature, they would get installed. Of course, I wonder how many people turn this feature off. As far as it infecting iOS devices, that's something enterprise IT personnel have to be aware of since they are given the ability to bypass Apple's security in the App Store.
"...once Wirelurker gains access to a non-jailbroken iPhone, the program simply side-loads a non-malicious comic book app onto the phone, using a forged enterprise provisioning certificate. Palo Alto researchers suspect it's a test payload to ensure the system works before moving on to more profitable ends. For jailbroken phones, the malware rewrites the apps for the TaoBao and AliPay apps (Alibaba's applications for auctions and payments, respectively) so as to harvest payment information."
I agree. But Apple can't just stand by and watch without doing anything to protect its products and users. Yes, even the stupid ones!
Apple has already done plenty to protect their users; however, they can't prevent them from jailbreaking iPhones, disabling security features, installing pirated software or installing software from untrusted developers. There is a reason why the Apple platforms of both iOS and OS X have the lowest instances of malware/spyware/viruses of any commercial/consumer platforms and it's all due to the way Apple have designed those platforms to focus on security. It is not Apple's responsibility to do anything at all to protect the "stupid users" as you put it. If someone wants to jailbreak their phone or install an application on their Mac from an untrusted developer that's their choice and the consequences are on them, not Apple. This malware threat doesn't seem like it's going to be very widespread and will only affect those users who value piracy/customisation (or in some cases just software that doesn't meet Apple's App store guidelines) over security.
Not all apps and developers have their apps in the AppStore. Some apps are crippled because of Apple's sandbox requirements, and therefore, offer the full-featured app at the developer site. A perfect example is the very popular, GraphicConverter. The App Store version is crippled due to Apple's requirements, so most buy the full-featured version directly from the developer. From the developer's site:
The Mac App Store version has some restrictions due the Apple Sandboxing:
no ECW import
no mrSID import
no PhotoCD import
no Next/Previous/Save & Next in the image window
no Split in the Save As dialog
no access to the complete filesystem in the browser - you have to add folder with drag & drop
no access to the dropbox, copy, skidrive, clouddrive folder
no support for Apple Remote
no access to the photostream
only support of Apple Mail to e-mail images
Now why would anyone buy the App Store version of GraphicConverter with these restrictions? Sound Studio is another app that has restrictions in the App Store version. I believe the developer had to remove MP3 support in the App Store version. So in this instance, there could be a chance that the developer site could be taken over and the software tainted with a trojan. But this is an example as to why the App Store isn't always the best choice for software, and sometimes an app is not available in the App Store. So don't think the "walled garden" is the best place to shop for apps.
I'd much rather have the app be "crippled" because Apple's sandbox requirements help to ensure the security of my iOS devices, instead of winding up with crippled security on my device because I have purchased an app that bypasses the designed security features.
Not all apps and developers have their apps in the AppStore. Some apps are crippled because of Apple's sandbox requirements, and therefore, offer the full-featured app at the developer site. A perfect example is the very popular, GraphicConverter. The App Store version is crippled due to Apple's requirements, so most buy the full-featured version directly from the developer. From the developer's site:
The Mac App Store version has some restrictions due the Apple Sandboxing:
Now why would anyone buy the App Store version of GraphicConverter with these restrictions? Sound Studio is another app that has restrictions in the App Store version. I believe the developer had to remove MP3 support in the App Store version. So in this instance, there could be a chance that the developer site could be taken over and the software tainted with a trojan. But this is an example as to why the App Store isn't always the best choice for software, and sometimes an app is not available in the App Store. So don't think the "walled garden" is the best place to shop for apps.
Then don't complain when they get shit like that from development sites
In any case this isn't good! This means that these hackers are focusing more energy towards Apple. I hope Apple can patch this, even though it is human error not on Apple's part, and make iOS security stronger, which I'm sure they will.
How can Apple patch a human brain? It's like you have a house with all security implemented but then just leave front door open.
No, this is what happens when your entire culture condones theft. The malware writers are exploiting this cultural reality. I wouldn't be surprised if one of our 3-letter government agencies was behind this.
That's short sighted. What if the developer doesn't want to share 30% with Apple? Or what if the software is very specialized, or some plugin to a host app? What if it's business software, ie. for internal company use?
This wouldn't be supported through the App Store.
The fact Apple wants us all to use their ecosystem, a desktop OS has always been about the freedom of installing and configuring whatever users want to do, unlike iOS.
This is why Apple still allows us to install third party software; if they would disable the ability to do so, every non-consumer would immediately jump ship.
Once installed, the malware can access sensitive data like user contacts, read iMessages and ping a remote server for command-and-control operations, among other nefarious functions.
It accesses user sensitive data, like Contacts.
Well now, it equals the capability of Google via a Gmail account.
The article here is misleading and so is the linked article from Palo Alto Networks.
It's not made absolutely clear (though it's kind of mentioned) in either that it only infects people who download and install the malware from an unsigned, third-party vendor and not from Apple's walled garden. It's portrayed as if someone has broken through Apple's security and will infect everyone and steal all their info.
If you don't download unsigned apps from a third party or untrusted developer, you won't download a trojan horse that might screw with your system. It's that simple. One would think people have lived long enough with file sharing sites to understand this concept. The iOS app replacement is clever, but they installed an app whose functionality is to do that. So there you go.
Apple is still benefitted by not having six tons of legacy cruft like Windows. And iOS is benefitted by having been designed with security in mind. I'm not ready to wave the white flag yet as far as Apple's software being a big security risk.
Very true! I am not waving my white flag either. I am just saying Apple can learn from this to create an even more secure OS.
"We are aware of malicious software available from a download site aimed at users in China, and we’ve blocked the identified apps to prevent them from launching. As always, we recommend that users download and install software from trusted sources."
Comments
"first infecting Macs by inserting trojan software through repackaged OS X apps,..."
If you have OSX configured properly to not allow unsigned apps, then they wouldn't be installed. These are repackaged apps so unless someone re-signed them with an authentic signature, they would get installed. Of course, I wonder how many people turn this feature off. As far as it infecting iOS devices, that's something enterprise IT personnel have to be aware of since they are given the ability to bypass Apple's security in the App Store.
If you think your iOS device may be infected, be sure to isolate it for 21 days.
No, this is what happens when your entire culture condones theft. The malware writers are exploiting this cultural reality. I wouldn't be surprised if one of our 3-letter government agencies was behind this.
I agree. But Apple can't just stand by and watch without doing anything to protect its products and users. Yes, even the stupid ones!
They'll do what they can, but you can't prevent people from doing something stupid.
"...once Wirelurker gains access to a non-jailbroken iPhone, the program simply side-loads a non-malicious comic book app onto the phone, using a forged enterprise provisioning certificate. Palo Alto researchers suspect it's a test payload to ensure the system works before moving on to more profitable ends. For jailbroken phones, the malware rewrites the apps for the TaoBao and AliPay apps (Alibaba's applications for auctions and payments, respectively) so as to harvest payment information."
Apple has already done plenty to protect their users; however, they can't prevent them from jailbreaking iPhones, disabling security features, installing pirated software or installing software from untrusted developers. There is a reason why the Apple platforms of both iOS and OS X have the lowest instances of malware/spyware/viruses of any commercial/consumer platforms and it's all due to the way Apple have designed those platforms to focus on security. It is not Apple's responsibility to do anything at all to protect the "stupid users" as you put it. If someone wants to jailbreak their phone or install an application on their Mac from an untrusted developer that's their choice and the consequences are on them, not Apple. This malware threat doesn't seem like it's going to be very widespread and will only affect those users who value piracy/customisation (or in some cases just software that doesn't meet Apple's App store guidelines) over security.
If it's USB dependent then it sounds like doing hands-free rollouts and over-the-air updates and package installs should prevent it.
Of course if you're pushing out pirated packages through your MDM then why do you still have your job...?
Not all apps and developers have their apps in the AppStore. Some apps are crippled because of Apple's sandbox requirements, and therefore, offer the full-featured app at the developer site. A perfect example is the very popular, GraphicConverter. The App Store version is crippled due to Apple's requirements, so most buy the full-featured version directly from the developer. From the developer's site:
The Mac App Store version has some restrictions due the Apple Sandboxing:
Now why would anyone buy the App Store version of GraphicConverter with these restrictions? Sound Studio is another app that has restrictions in the App Store version. I believe the developer had to remove MP3 support in the App Store version. So in this instance, there could be a chance that the developer site could be taken over and the software tainted with a trojan. But this is an example as to why the App Store isn't always the best choice for software, and sometimes an app is not available in the App Store. So don't think the "walled garden" is the best place to shop for apps.
I'd much rather have the app be "crippled" because Apple's sandbox requirements help to ensure the security of my iOS devices, instead of winding up with crippled security on my device because I have purchased an app that bypasses the designed security features.
Download apps from AppStore. Don't be cheap. Using third party app vendor is risky. This is why I like walled garden...safe and secured.
plus it puts food on the table for people who work their ass off to make something of value.
No, this is what happens when your entire culture condones theft. The malware writers are exploiting this cultural reality. I wouldn't be surprised if one of our 3-letter government agencies was behind this.
Right idea, wrong government.
This wouldn't be supported through the App Store.
The fact Apple wants us all to use their ecosystem, a desktop OS has always been about the freedom of installing and configuring whatever users want to do, unlike iOS.
This is why Apple still allows us to install third party software; if they would disable the ability to do so, every non-consumer would immediately jump ship.
It accesses user sensitive data, like Contacts.
Well now, it equals the capability of Google via a Gmail account.
It's not made absolutely clear (though it's kind of mentioned) in either that it only infects people who download and install the malware from an unsigned, third-party vendor and not from Apple's walled garden. It's portrayed as if someone has broken through Apple's security and will infect everyone and steal all their info.
If you don't download unsigned apps from a third party or untrusted developer, you won't download a trojan horse that might screw with your system. It's that simple. One would think people have lived long enough with file sharing sites to understand this concept. The iOS app replacement is clever, but they installed an app whose functionality is to do that. So there you go.
Just pondering..
Totally agree with you! And Apple does a great job with security.
Very true! I am not waving my white flag either. I am just saying Apple can learn from this to create an even more secure OS.
"We are aware of malicious software available from a download site aimed at users in China, and we’ve blocked the identified apps to prevent them from launching. As always, we recommend that users download and install software from trusted sources."