The truth on reported Apple iOS vulnerabilities

Image Credit: Maiyadi Website

Image Credit: Maiyadi Website

In the few days clear documented vulnerabilities have been detected with the popular iOS operating system which runs on iPhone’s and iPad’s, but unfortunately due to the stories being reported by newspaper outlets…they have become more of a click and bait style article providing little detail on how this affects the average user in Australia (or in this case doesn’t affect), which as a passionate tech writer frustrates me.

It is completely factual that Palo Alto Networks discovered a malware program dubbed as WireLurker, which has the ability to infect tablets or phones running iOS while they are connected to a Mac computer…which users would be connecting to make backups, update software or transfer photos and ringtones between devices.

It is only the second known malware that has been able to target the operating system of the devices on iOS, but thankfully has at this point been isolated to the country of China and part of it’s user base due to the third party application known as Maiyadi.

Maiyadi was an application which allowed installation of third party applications to iOS devices through cable transfer, allowing users to install a range of applications that were offered through the third party website rather than the official Apple App store. By installing applications in this manor, users were bypassing all the traditional software testing that the App store completes before approving programs for distribution.

Apple has noted the activity and has been able to prevent the applications from launching on updated devices at this stage, with around 356,000 downloads occurring before updates were provided to Chinese handsets.

The take home message is that this case has been isolated solely to mobile devices in China using Maiyadi and that the Apple App Store is the only place that you should be obtaining both free and paid applications for your iOS based device.

Apple does a great deal of checking on applications that apply to be delivered via the store, so the chances of picking up these sort of malicious programs is highly unlikely.

No doubt Apple will be working on updates to their software in an effort to protect the operating systems further from these sorts of things repeating themselves over time.

Palo Alto Networks Report: https://www.paloaltonetworks.com/threat-research.html

Leave a Reply