Posted by: David Harley | November 8, 2014

More WireLurking

I’m sure there are lots of other articles about this, but I’m trying not to track them: it’s the weekend and I have a couple of days holiday left! Randy Knobloch flagged some more links, though, including these:

Tielei Wang is quoted in the latter article as saying that:

…similar attacks could come through computers running Windows and Linux operating systems…

In fact, I came across a Register article citing AlienLabs’ discovery of an earlier, less successful Windows-targeting variant, while Macworld pointed out that

…the older WireLurker variant had binary code for three different architectures: 32-bit ARMv7, 32-bit ARMv7s and 64-bit ARM64.

David Harley
Small Blue-Green World

Posted by: David Harley | November 6, 2014

WireLurker – my last word (maybe)

I notice that it’s being stated in several places that this is the first malware that affects non-jailbroken iGadgets. It may be the first on this scale, but it’s not the first ever. I don’t usually track individual malicious programs myself, even on iOS, but earlier this year (in June) Axelle Apvrille noted for Fortinet that out of 11 iOS-targeting programs she listed, three did not rely on jailbreaking. She said at the time:

  • Yes, malware for iOS exist.
  • Yes, there are far less than on Android.
  • No, they don’t concern only jailbroken phones.
  • Yes, some were found (and removed) in the AppStore.

You might or might not want to argue about the relative importance of these examples of malware, but I’m now resuming my very brief vacation time, so don’t expect me to debate it right now. :)

David Harley

Posted by: David Harley | November 6, 2014

WireLurker revisited

[Update: you might also find this Register article of interest.]

My attention was drawn to some more links in the order in which I found them, in a thread between Randy Knobloch and Artem Baranov. (Sorry, Randy, but I’m not really working this week, and haven’t been tracking this much.)

Posts previously referenced aren’t re-included here.

David Harley

Posted by: David Harley | November 6, 2014

WireLurker OS X and iOS malware

[Update: added link to Virus Bulletin blog]

I’m guessing that the current spike in views of this site is related to the media fuss about WireLurker, which has (potentially) affected OS X users and iOS users, even those who don’t jailbreak their iGadgets. I’m tied up with family issues right now, so not really commenting, but here are some reasonably reliable places to get more information. HT to Artem Baranov for the first two links: in particular, I recommend you read the Threatpost article before flying into a panic.

The following articles may be useful for further links and snippets:

Keep watching for further info on AV vendor sites. I’d expect Intego and Sophos to comment fairly soon, though I’m not in their confidence. :)

David Harley
Small Blue-Green World

Posted by: David Harley | October 29, 2014

OS X malware, KnockKnock, Elk Cloner and the Universe

Here’s an OS X-related article I just posted on the IT Security site: OS X malware: I hear you KnockKnocking but you can’t come in*

Patrick Wardle’s KnockKnock is useful for the generic detection of OS X programs that maintain ‘persistence’, but it isn’t a replacement for anti-malware. (I suppose I should mention in this case that a lot of my income comes from providing consultancy to the anti-malware industry, but no anti-malware company has anything to do with this site, and of course Kevin Townsend’s IT Security site is vendor-independent.)

David Harley
Small Blue-Green World

Posted by: David Harley | October 26, 2014

Meanwhile, back to some real news…

…albeit just a roundup of some recent issues.

David Harley
Small Blue-Green World

Posted by: David Harley | October 26, 2014

Digital Guardian – flattery will get you – er, not much…

This blog was flattered to find itself in good company on the Digital Guardian site as one of the top 50 sites you ought to be reading, but rather puzzled as to why, since the information it cited was a little off-beam (no-one else is writing for this blog these days, for example) and the ‘three articles we like’ it cited were pretty much pointers to articles by other people on other sites. (I’m afraid this happens more and more frequently nowadays, as my working hours decrease and my workload continues to increase, so I have to prioritize other outlets.) Perhaps Digital Guardian actually got around to reading the articles, since it seems that Mac Virus has been removed from the list. Oh, the humiliation! ;)

I do get a namecheck, however, as a contributor to Kevin Townsend’s IT Security (which seems to have attracted quite a lot of attention in a short time), and there’s even a link to one of my more serious articles: The economics of benevolence: mean memes.

NB I know nothing about Digital Guardian’s product range, so mentioning the site doesn’t constitute a recommendation on my part – in fact, that’s why I didn’t mention it while Mac Virus was cited. But some of the blogs mentioned in the article are well worth reading.

David Harley
Small Blue-Green World

Posted by: David Harley | October 2, 2014

iWorm, Xsser, Shellshock catch-up

My apologies if people have been haunting this page in search of information about the many Apple-related issues that have raised their heads in the last week or two. I’ve just been too busy elsewhere to blog on this site. Here are a few articles worth your attention, by way of a catch-up.

David Harley
Small Blue-Green World

Posted by: David Harley | September 24, 2014

More iPhingering

More about the susceptibility of the iPhone 6 to the TouchID fingerprint hack, from The Register’s John Leyden: Apple should LOOK BELOW to beat TouchID fingerprint hack, say securo-bods.

David Harley
Small Blue-Green World

Posted by: David Harley | September 23, 2014

iPhone 6, iPhingered

John Leyden reports that Lookout claims that ‘iPhone 6 STILL vulnerable to TouchID fingerprint hack ONE YEAR LATER’, referring to the hack previously reported with the 5s.

Gaining access to an iPhone using a faked fingerprint isn’t the easiest trick to pull off, and in any case needs access to the owner’s fingerprints and the phone itself. Still, it’s a good argument for using a passphrase or PIN as a second authentication factor.

David Harley
Small Blue-Green World
