Just last month, a piece of malware affecting both Mac and iOS devices was reported. Called WireLurker, the malware was found mainly in China. It uses USB connections to infect iOS devices through a Mac computer. While it is said that the malware originated from third-party Mac App Stores offering cracked games and other software programs, there was no concrete evidence on how factual this was. And with this malware still threatening both jailbroken and non-jailbroken iOS users, many are still worried about whether or not their device has been infected.
As discovered by security firm Palo Alto Networks, the malware can access and steal the device’s address book, download updates, read iMessages, and even be upgraded with new features. Even without having done anything, the user may never know that the device already contains the malware.
If you are like the many who are wondering whether your iOS device has been infected by the WireLurker malware, here is a simple guide on how you can figure it out. Additionally, you can delete the malware from your iOS device using the next series of steps.
How to Find WireLurker Malware on Jailbroken iOS Devices:
- Install a file manager program like Filza or iFile. You can also use SSH to access your iDevice from any Mac or PC computer.
- Head over to /Library/MobileSubstrate/DynamicLibraries
- If you locate a file entitled ‘sfbase.dylib’, then your device has been infected with the malware. You will need to delete the file so your device will no longer be affected.
- Make sure you restore your device afterwards.
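If you are checking over SSH, the shell function below performs the same lookup as the steps above. It is an added example and not part of the original guide; the function name check_wirelurker, its return codes and the optional root argument (for checking a copy of the filesystem instead of the live device) are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: look for the file named in the steps above.
SUBSTRATE_DIR="Library/MobileSubstrate/DynamicLibraries"
INDICATOR="sfbase.dylib"   # file name given in the guide

# check_wirelurker [ROOT]   (hypothetical helper; ROOT defaults to /)
# Returns 0 = file not found, 1 = file found,
#         2 = DynamicLibraries directory missing or unreadable.
check_wirelurker() {
    root="${1:-/}"
    dir="${root%/}/$SUBSTRATE_DIR"
    if [ ! -d "$dir" ] || [ ! -r "$dir" ]; then
        echo "cannot read $dir (MobileSubstrate not installed, or wrong root)" >&2
        return 2
    fi
    found=0
    for f in "$dir"/*; do
        [ -e "$f" ] || continue          # empty directory: glob did not expand
        # Compare names case-insensitively so a renamed SFBase.dylib still matches.
        name=$(basename "$f" | tr '[:upper:]' '[:lower:]')
        if [ "$name" = "$INDICATOR" ]; then
            found=1
            echo "INFECTED: $f"
            ls -l "$f"                   # size and timestamps, for your records
            if command -v shasum >/dev/null 2>&1; then
                shasum -a 256 "$f"       # hash the file before deleting it
            fi
        fi
    done
    if [ "$found" -eq 0 ]; then
        echo "clean: $INDICATOR not found in $dir"
    fi
    return "$found"
}

# On the device itself, call:  check_wirelurker /
```

A return code of 2 means the check could not be performed, which is not the same as a clean result.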
How to Find WireLurker Malware on Non-Jailbroken iOS Devices:
- In Settings, tap on General > Profile
- You will know that your device has been infected by the malware if you find a strange profile listed in this section.
- Simply delete the profile if you find it on your device.
- Look for strange apps that may have been added to your device without your knowledge or approval. Make sure to delete them.
- Perform a fresh restore on your device.
Good news for those who are located outside China: it is unlikely that your device is infected with the malware. At the same time, Apple has blocked the apps that have been infected. If you still wish to be sure, you may go ahead and follow the steps mentioned above so you can determine whether or not your device has been infected by the WireLurker malware. If you find it on your device, you simply have to delete it and restore your iOS device.
With the WireLurker malware seemingly coming from Chinese sources, Apple is warning its users to only download Mac applications and iOS programs from trusted sources such as the Mac App Store. This way, users can avoid exposing their devices to this horrific threat to one’s privacy.