But the malware also appears to infect iOS devices when they're plugged into a Mac via USB."WireLurker monitors any iOS device connected via USB with an infected OS X computer and installs downloaded third-party applications or automatically generated malicious applications onto the device, regardless of whether it is jailbroken," explains Palo Alto Networks. "This is the reason we call it 'wire lurker.'"
It seems that WireLurker sits on a Mac, constantly listening for USB connections, then immediately infects iOS devices when they're plugged in. The malware appears to give access to all user data on the phone, from the address book to iMessage. But, interestingly, the malware so far hasn't been used to exploit anyone's device, says Palo Alto Networks. Rather, those behind it "are still preparing for an eventual attack."
It's worth remembering that this malware is very much China-focused right now, so there's not too much need to worry about being infected just yet. Apple is currently patching the vulnerability, though it's not clear when the fix will be ready. [Palo Alto Network via NYT]
source: gizmodo.com by Jamie Condliffe