中國數(shù)十萬蘋果設備或已染病毒
????相對安卓(Android)手機和Windows電腦而言,蘋果的產(chǎn)品不太容易受到惡意軟件的侵襲,這讓本次WireLurker事件關(guān)注度頗高。 ????據(jù)位于加州的企業(yè)防火墻公司帕洛阿爾托網(wǎng)絡(Palo Alto Networks)稱,在過去六個月中,一種新的惡意軟件悄然侵入了裝有OS X和iOS系統(tǒng)的設備,這種軟件會搜集信息,并籌備某些未明攻擊。 ????發(fā)現(xiàn)這種軟件的研究人員將其稱作WireLurker(意為“數(shù)據(jù)線潛伏者”),因為它可以通過電腦數(shù)據(jù)線感染甚至是原裝非越獄的iPhone和iPad。 ????目前在中國境外,尚沒有WireLurker感染蘋果(Apple)設備的報道。蘋果公司表示,已經(jīng)采取措施阻止該病毒感染蘋果設備。 ????蘋果發(fā)言人對《財富》(Fortune)表示:“我們正密切關(guān)注這種惡意軟件,它來自于某個面向中國用戶的下載站。我們確認并阻止了它的運行。如往常一樣,我們建議用戶從可靠來源下載和安裝軟件。” ????有人找到了攻擊蘋果設備的方法,這對于一直以來宣稱自身能夠保護用戶隱私和安全的蘋果而言,實在是件麻煩事。攻破蘋果的防御體系并不輕松,它還需要中國數(shù)十萬部越獄的iOS設備作為啟動基礎(chǔ)。 ????帕洛阿爾托網(wǎng)絡公司第42單元的研究人員通過WireLurker追蹤到了中國一家名為“麥芽地(Maiyadi)”的第三方Mac應用商店。根據(jù)公司周三發(fā)布的白皮書顯示,那里流出了467個受到感染的應用,這些應用總共被下載了超過356,104次。也就是說,可能有數(shù)十萬用戶已經(jīng)受到惡意軟件的影響。 ????用戶需要更改Mac電腦上的安全設置,并忽略自動彈出的好幾次警告,才能成功下載帶病毒的應用。 ????應用一旦安裝成功,就會按照設定好的指令,感染多個移動設備。 ????以下是帕洛阿爾托網(wǎng)絡公司發(fā)布的新聞稿: ????“如果一臺OS X電腦感染了WireLurker病毒,任何通過USB數(shù)據(jù)線與該電腦連接的iOS設備,無論是否越獄,都會被監(jiān)控并自動安裝下載好的第三方應用或自動生成的惡意應用。這就是為何我們叫它WireLurker(數(shù)據(jù)線潛伏者)?!?/p> ????“WireLurker可以竊取受感染的移動設備上的多種信息,還能定期向黑客的指揮和控制服務器發(fā)送升級請求。黑客正在積極地開發(fā)這個惡意軟件,其目的尚不明確。” |
????Compared with Android phones or Windows PCs, Apple’s products are relatively impervious to malware, which is what makes WireLurker so interesting. ????According to Palo Alto Networks, a California company that sells firewalls to businesses, a new family of malware has been quietly infiltrating OS X and iOS devices for the past six months, gathering information and preparing for some kind of unspecified attack. ????The researchers who discovered the plot called it WireLurker because it can infect even pristine, non-jailbroken iPhones and iPads through computer cables. ????There are no reports of WireLurker infecting Apple devices outside China, and Apple says it has taken steps to prevent that from happening. ????“We are aware of malicious software available from a download site aimed at users in China, and we’ve blocked the identified apps to prevent them from launching,” anspokesperson told Fortune. “As always, we recommend that users download and install software from trusted sources.” ????The fact that someone found a way to do it has to be troubling news for Apple, which markets itself as the company that protects its users’ privacy and keeps them safe. ????Getting through Apple’s defense systems wasn’t easy, and it required the breeding ground of hundreds of millions of jailbroken Chinese iOS devices to get started. ????Researchers at Palo Alto Network’s PANW 3.50% Unit 42 traced WireLurker to a third-party Mac application store in China called Maiyadi App Store. There it “trojanized” 467 OS X applications, according to a white paper published Wednesday, and those apps were downloaded more than 356,104 times. In all, hundreds of thousands of users may have been affected. ????To download the infected apps, users would have had to change the security settings on their Macs and ignore several pop-up warnings. ????But once installed, the apps could make the leap to devices that followed all the rules. ????From Palo Alto Network’s press release: ????WireLurker monitors any iOS device connected via USB with an infected OS X computer and installs downloaded third-party applications or automatically generated malicious applications onto the device, regardless of whether it is jailbroken. This is the reason we call it ‘wire lurker’… ????“WireLurker is capable of stealing a variety of information from the mobile devices it infects and regularly requests updates from the attackers command and control server. This malware is under active development and its creator’s ultimate goal is not yet clear.” |
最新文章