How to find and remove the virus WireLurker with iPhone, iPad and Mac




November 5 research company Palo Alto Networks found Wirelurker malicious application , which applies to devices with iOS. Experts say that it is the most successful attack on users “apple” OSes: for the last six months, 467 applications infected by malicious code downloaded 365,104 times. Apple has confirmed the existence of malicious code, stating that blocked the work of infected programs .


iOS is still the most secure mobile OS. In the entire history is not more than a dozen known malicious programs for mobile devices Apple. Most works only on devices where conected jailbreak. Originally tied to the iOS App Store, here is largely lies The security technology Apple. Each application is pre-certified, so those that contain malicious code, enter the store is extremely rare – and if they fall, they are quickly removed.
How Wirelurker infects iPhone, iPad and Mac

WireLurker attacking the iPhone and iPad via computers with OS X. It is embedded in the program for the Mac, placed in a Chinese shop Maiyadi, – Parties not licensed Apple. Computer user downloads the application, then the program waits when your Mac via USB will connect the iPhone or iPad. Then “malware” establishes a malicious application on iOS-device or code rewrites of existing programs, using vulnerabilities in the system of distribution of enterprise software.


Is there a way to detect and neutralize Wirelurker?
How to find and remove WireLurker with iPhone and iPad

For devices with jailbreak

Step 1: Install from Cydia file manager iFile, the program can be downloaded free of charge.

Step 2: Open the folder Library -> MobileSubstrate -> DynamicLibraries.

Step 3: If this folder you will find a file sfbase.dylib, then the device is infected WireLurker.

Upon detection sfbase.dylib file system, it must be removed, and then restart your iPhone and iPad. For reliability, we recommend completely reinstall the operating system using iTunes. If the above file does not exist, no cause for concern.

Devices without Jailbreak

Step 1: Open the Settings app and go to Menu Key -> Profiles.

Step 2: You should find the corporate profile PPAppInstaller. If installed on your device, it should be removed. This will block the virus.


Step 3: Also check out the app from the App Store on abnormal behavior. For reliability, we recommend completely reinstall the operating system using iTunes.
How to find and remove WireLurker on Mac

Step 1: Launch the Terminal from the Utilities folder.

Step 2: Copy and run the command in Terminal

curl -O

Step 3: Run the following command:


Step 4: Wait until the terminal checks the installed software for viruses.

Step 5: If the system is not infected, the message «Your OS X system is not infected by the WireLurker».


Otherwise, you need to open the folder Macintosh HD> Library> LaunchDaemons and delete files:

In the folder Macintosh HD> System> Library> LaunchDaemons remove:

in the folder usr / bin to remove:


See also:

How to protect your iPhone and iPad from the virus Wirelurker

Join us on Twitter , VKontakte , Facebook , Google+ or via RSS , to keep abreast of the latest news from the world of Apple, Microsoft and Google.


Tags: , , , , , , , , , ,

In: Technology & Gadgets Asked By: [15554 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »