For the most part, Mac users have not had to deal with a whole lot of virus and malware issues. However, there are folks out there with nothing better to do but find ways to mess up other people’s lives and add to their stress level. It boggles my mind.
The latest concern, the WireLurker Malware, is documented here. Please read the info in the link and come back to this page if you would like my assesement.
Is the concern re: the WireLurker Malware overblown? Yes & No. Yes, because there are some pretty basic things one can do to avoid and/or minimize the threat, and No, because it’s easy for many folks to miss the details and walk right into the trap, after which they will be in a world of tech ‘hurt’. Nobody needs that. So, here’s my take on this, much of which reiterates the recommendations in the linked article.
ONLY download apps to your Mac from the Apple App Store or from reputable and trusted 3rd party sites. Do NOT download apps from anywhere else. Period! That, in and of itself, should keep malware and viruses off your computer. Apple has taken a lot of heat over the years for maintaining such tight control over what gets installed on their products and this is a prime example of the wisdom behind such a closed environment. I’m the first one to agree there are many useless apps on the Apple Store, but there are also more than enough good or great apps available for all the things we need to do. Add to that the reputable, trusted sites and there is a plethora of awesome solutions. Not that there isn’t room for improvement, because there is, but to go to a untrusted site that is flogging apps that have not been cleared by Apple or are outside the box of trusted sites is just opening a gateway for very nasty stuff.
Now here’s the next part to this. If your Mac does get infected, it seems it doesn’t actually affect your Mac itself because WireLurker is really just waiting for the opportunity to infect your iPhone or iPad. That’s it’s goal. And, the way the malware gets from your Mac to your iOS device is via USB. So, the other precaution is to NOT transfer data via the USB port. Yes, there may be times you need to transfer large video files to your computer from your iOS device or a particular iOS app does not support cloud storage (proprietary cloud, iCloud, Dropbox etc…) but, for the most part we are pretty much at the point where you don’t need to hardwire your iOS device to your computer.
With iOS8 and Yosemite we now have iCloud Drive which supports all files, including video files, so that should take care of the data in Apple Apps and most other App Store apps (and trusted apps) work with some kind of cloud service. In fact, I typically stay away from apps that don’t support iCloud, Dropbox or some other cloud service.
If, for some reason, the cloud solution is not available there is one more way to get data to your computer from your iPhone or iPad without a USB cable. The downside to this solution is that if you have not already set up your iPhone or iPad to sync wirelessly over WiFi to iTunes then you will have to risk connecting via USB long enough to toggle that preference on. The preference is in iTunes under Options. Once you have toggled this preference on for your iOS devices they will show up just as if they were connected via USB if you have the device plugged into a power source. So, if you have to do this, toggle the pref on and unplug from the computer asap.
Well, that’s about all there is at this point until a remedy is found to rid your computer of the malware and/or prevent it from getting on your computer in the first place. AntiVirus apps can certainly help but often times when a virus or malware first hits the scene the AntiVirus apps need to catch up, so still, it makes sense to follow all of the recommendations re: avoiding untrusted 3rd party app stores. An example of trusted 3rd party sites are apps like Evernote, Things, Panic, Rouge Amoeba, NCH software etc… It’s not difficult to figure out which ones are safe. Ironically, many of these apps are also available at the Apple App Store but because of restrictions related to sandboxing (google it) some companies give you the choice of downloading from the Apple App Store or as a direct download.
The thought occurred to me that Samsung may have created WireLurker to cause Apple and the users of their products grief. In a world driven by way too much greed, one never knows. :-)
Safe computing to you all. Be well. – Neil
PS
Normally I use my website for news and products related to my music. However, being as this newsfeed is essentially my WordPress blog, I figure it’s time to change things up a bit. Aside from love of music, I’ve always had a passion for technology, and over the years I’ve worked in various roles in that industry, including as a self-employed Mac computer tech. Although my busy gigging schedule prevents me from doing as much tech work as I use to, I still spend considerable time helping folks close to me and am always researching and keeping as educated as possible regarding technology and more specifically Mac related technology.
Neil Harnett 