Chinese Authorities Take Down Wirelurker Malware Websites, Arrest Suspects

According to a statement by the Beijing Municipal Bureau of Public Security, the authorities have shut down the web sites responsible for the Wirelurker malware, while also arresting the suspects in the case, ZDNet is reporting. For those who aren’t aware, Wirelurker is a recently discovered malware that targets non-jailbroken iOS devices as well as OS X devices in China.

The malware, discovered by Palo Alto Networks, could download the malicious apps from the third-party stores commonly used in China and, when it detected an iOS device connected through the USB port, install the malicious apps on the device. Worst of all, the malware was able to install on non-jailbroken iOS devices because the attackers used enterprise certificates to sign the apps.

“The suspects, identified by their surnames as Wang, Lee and Chen, were taken into custody on Thursday based on information provided to law enforcement authorities by the China-based security company Qihoo 360 Technology.

According to Chinese authorities, the suspects conspired to develop the malware for illegal profits. The website used to distribute the malware has been shut down, the Beijing Municipal Bureau of Public Security said in a statement published on its Sina Weibo account. Researchers have found evidence connecting the Maiyadi app store to the creators of the malware.”

While Apple has revoked certificates used by Wirelurker to protect its customers, the security firm estimates that hundreds of thousands of users downloaded the malicious versions of the applications.