Researchers at a Silicon Valley security company said on Wednesday that they had found a new manner in which hackers can infect Apple products.
The company, Palo Alto Networks, reported that it had uncovered a malware campaign called WireLurker targeting Apple mobile and desktop users and said it was “the biggest in scale we have ever seen.”
Though the malware — malicious software designed to cause damage or steal information — is aimed at users in China and can be avoided, the campaign demonstrates new ways that attackers are targeting Apple iOS mobile devices.
The security company, based in Santa Clara, Calif., said that WireLurker had infected more than 400 applications designed for Apple’s Mac OS X operating system through the Maiyadi App Store, a third-party Mac application store in China. In the last six months, Palo Alto Networks said 467 infected applications were downloaded over 356,104 times and “may have impacted hundreds of thousands of users.”
The company said users’ iOS devices could also become infected if they connected their mobile device to their Macs through a USB wire. “WireLurker monitors any iOS device connected via USB with an infected OS X computer and installs downloaded third-party applications or automatically generated malicious applications onto the device, regardless of whether it is jailbroken,” Palo Alto Networks security researchers said. “This is the reason we call it ‘wire lurker.’”
Typically, iOS users can download applications from third parties only if they have “jailbroken” their phones, or altered them to run software Apple has not authorized. With WireLurker, an infected application can reach a non-jailbroken phone from an infected Mac OS X system, which is why Palo Alto Networks researchers say WireLurker represents a “new brand of threat to all iOS devices.”
Researchers say that once WireLurker is installed on a Mac, the malware listens for a USB connection to an iOS device and immediately infects it. Once a device is infected, WireLurker’s creators can steal a victim’s address book and read iMessage text messages, and the malware regularly requests updates from the attackers’ command-and-control server. Though the creators’ ultimate goal is not yet clear, researchers say the malware is actively being updated.
“They are still preparing for an eventual attack,” said Ryan Olson, the director of threat intelligence at Palo Alto Networks. “Even though this is the first time this is happening, it demonstrates to a lot of attackers that this is a method that can be used to crack through the hard shell that Apple has built around its iOS devices.”
Mr. Olson said Palo Alto Networks had alerted Apple to its findings, though an Apple spokesman declined to comment on their reports.
The firm’s advice to Mac and iOS users is to avoid downloading Mac applications or games from any third-party app store, download site or untrusted source, or connecting an iOS device to any untrusted accessories or computers. They also advise users to keep iOS software up to date.
Separately, last Friday a researcher in Sweden announced that he had uncovered a serious new vulnerability in Yosemite, Apple’s latest OS X operating system. The researcher, Emil Kvarnhammar, said the vulnerability, which he calls “Rootpipe,” allows attackers to gain “root access,” or full administrative control, of a victim’s Mac, allowing them to steal information or run programs of their own.
To date, there is no evidence that the vulnerability has actually been exploited and here, too, it would be difficult for the average Mac user to stumble upon. For hackers to gain control of a Mac, the victim would need to ignore every OS X pop-up security warning.
Apple is currently patching the Rootpipe vulnerability, but it is not clear when the patch will be completed.