iPhone and iPads are infected when the device is connected through USB to a Mac computer where an infected OS X app has been downloaded. The source of the infection is reported to be third-party OS X apps in the Maiyadi App Store in China. For the time being most of the reports of infection are located in China. Apple devices are at risk whether they’ve been jailbroken or not.
Security firm Palo Alto Networks researcher Claud Xiao has said this “heralds a new era in malware attacking Apple’s desktop and mobile platform” and is “the biggest in scale we have ever seen.”
The larger the Apple market share, the more attractive Apple becomes as a target for cyber criminals.
Palo Alto Networks says the infected WireLurker app has been downloaded over 356,000 times to OS X computers, how many of those computers have attached via USB to an iPhone or iPad is unclear. Once infected the malware has the capability of stealing “a variety of information” from the mobile device.
The recommendation is the same for iOS or Android, don’t download from third-party app stores.
If nothing else, this malware is a proof of concept for malware / virus developers that Apple devices are not impenetrable.