AAPL Stock: 111.31 ( + 0.53 )

Subscribe to this page now.

The MacNN Podcast, episode 35: 'Super tightly-engineered pants'

10/05, 7:30pm

Reasons to embrace or avoid upgrading, hacks and scams, and all for science

It's now October, and all the big Apple gifts we're going to get for Xmas this year are (probably) behind us. There's just one more to open: OS X 10.11 El Capitan. Should you jump to the latest and greatest? There are reasons to do so, and there are reasons to wait, depending on your situation. MacNN Editor Charles Martin and Managing Editor Mike Wuerthele discuss the pros and cons, talk about the real differences between the iPhone 6s and iPhone 6s Plus, argue whether 16GB can work on an iOS device for storage without much pain, and more.


Apple responds to XcodeGhost scare with data for devs, public

09/22, 5:20pm

Chinese malware was not malicious, but points out new vector of attack

Apple has now responded publicly to the XcodeGhost malware scare, explaining in a page on its Chinese website addressed to customers that even if they used apps affected by the issue, no personally-identifiable information was gathered. The company removed any affected apps, and explained the cause (iOS programs were built using compromised Chinese versions of Xcode downloaded from other sources), while offering developers a method of ensuring that their own installations of Xcode were valid.


Apple, Microsoft fight US law enforcement over encryption

09/07, 7:26pm

In digital world, boundaries for countries, law enforcement mean little

As has been predicted for some time, the US government is clashing with technology companies over the encryption of personal data when it comes to law enforcement. The Justice Department is accusing Apple of disobeying a court order that it turn over text messages, in real time, between suspects in a guns-and-drugs case who are using iPhones. Apple has said the messages are encrypted without third-party keys, and thus it cannot comply with the order. Microsoft is also fighting the government, over whether emails stored outside the US should be given to US officials.


UK firm develops hydrogen fuel-cell battery prototype using iPhone 6

08/24, 6:27pm

Requires vents to release small amount of water vapor, runs for a week

Users of smartphones are always complaining -- despite huge advancements in battery technology over the past few years -- about the need to recharge devices frequently. A new form factor from British firm Intelligent Energy could potentially change this to only having to recharge a phone on a weekly, rather than daily, basis. The company has placed a hydrogen fuel-cell battery into an iPhone 6 as a proof-of-concept, with only tiny changes to the casing for the device.


New OS X vulnerability discovered by Italian teen

08/17, 2:27pm

Leverages bugs to cause memory corruption which could bypass kASLR protection

Two new zero-day vulnerabilities have been uncovered by an 18-year-old Italian man that could be exploited to gain remote access in OS X 10.9.5 through 10.10.5, though the researcher has already published a version of a fix Apple could adopt in a future update. The new discoveries come on the heels of a similar vulnerability that was fixed by Apple in the last OS X software update. Details of the exploits were published by Luca Todesco on Github, just hours after he had notified Apple of the flaws.


Technology in Recovery: Unconventional solutions

07/21, 4:22pm

What happens when there are more strokes than you thought?

A lot has happened since the last installment of Tech in Recovery, so please pardon the delay. The primary subject of the series, my wife, has suffered further mini-strokes, which led to a significant setback in both her treatment, and this series. So, absent of other data, for now, let's roll into the third installment of Technology in Recovery. This week, we're going to discuss some things that have been used in her therapy, as well as addressing a frequently-asked question -- what am I doing to stay sane?


Adobe patches Flash Player to close new vulnerabilities

07/10, 12:03pm

Latest exploits flaw marketed by Hacking Team to governments, others

Adobe has updated Flash to version for Windows and Mac in an effort to close yet another batch of security flaws. While no active use of the exploits had been discovered, the company had been notified earlier this week that some of the exploits had been discovered to be known by Hacking Team, a group of commercial security attackers that has sold such secrets and flaws to government agencies around the world.


Briefly: Rapper records album in Apple Stores, iOS 8.3 unsigned

07/08, 7:06pm

Stolen computer prompts Dominican rapper to seek help from Apple Store

A struggling artist with a run of bad luck turned to the SoHo Apple Store in Manhattan to complete, in a piecemeal fashion, a full-length album on the store's Macs -- with some help from some employees. Following a computer that broke down and another that was stolen, Dominican immigrant and rapper Prince Harvey told his story to some sympathetic Apple Store employees, who assisted the young artist in completing his album.


The MacNN Podcast, episode 22: The Sound of (Apple) Music

07/06, 8:16pm

The Beats 1 that just can't go wrong today

Time once again for another episode of The MacNN Podcast, this time episode 22! Since it was quite a notable week, this week's chat between Editor Charles, Managing Editor Mike, and staffers Michelle, Bradley, and Sanjiv is pretty jam-packed. The big story of the week was the launch of Apple Music, and we spend time on both the good and bad of that, but we talk about a lot more as well. Show notes after the jump.


Pointers: play nearly any media file on your iOS device

07/03, 6:10pm

Third-party app combo make home video playback drop-dead easy

Today's Pointers is going to be a bit short and sweet because, like everyone else in the US, we're itching to get out of the office and engage in dangerous, noisy, polluting activities of an excessive nature. So while you are waiting in the burn unit or drunk tank for either treatment or bail money, here's a great tip for making all that waiting time easier: a simple way to get your iOS devices to play any non-DRM'd audio, photo, or video file format without taking up any space. It's like iTunes Match, but for all kinds of media files.


Apple warns users on new Trim support in 10.10.4

07/02, 1:30pm

Latest OS X version offers preliminary support for third-party drives

Although many are celebrating the long-awaited arrival of Trim support for third-party SSD storage that can be enabled by users, Apple's implementation of it should be considered preliminary, and comes with an unusual and strongly-worded warning that offers no support if the user should experience problems. In addition, some popular SSD models, notably Samsung's 840 and 850 lines, may be subject to a data-destroying bug if Trim is activated.


Briefly: TaiG iOS 8.4 jailbreak; Downgrade iPad 2, iPhone 4S to iOS 6

06/30, 3:33pm

TaiG updates jailbreak tool to 2.2.0, allows for iOS 8.4 hack

Jailbreak group TaiG has released an iOS 8.4 hack, mere hours after the official Apple release of the new OS. The new software revision uses the same exploit that the group used just days ago for iOS 8.3, allowing users to install the Cydia repository, and other phone software tweaks, at the cost of some device security regarding execution of arbitrary code. The hack requires a Windows PC, iTunes, and the newly released 2.2.0 version of the group's tool.


Second MacKeeper security flaw found, being actively exploited

06/25, 5:00pm

Website can mimic malware report from software, thus obtaining admin password

Users of controversial utility software MacKeeper who are not up-to-date on the latest version are vulnerable to a serious security flaw that can trick users into passing their admin passwords onto attackers, thus leaving the Mac vulnerable to a complete remote takeover. Though the problem has been fixed in version 3.4.1 of the much-maligned "cleanup" utility, the flaw is being actively exploited in the wild by attackers preying on users who have not updated.


Apple institutes partial fix for 'XARA' exploits; patch in progress

06/20, 8:14pm

Range of discovered vulnerabilities made it possible to intercept data between apps

Apple announced on Friday that it had implemented a server-side partial security update earlier this week to help protect Mac and iOS users against a "series of high-impact security weaknesses" discovered by researchers now collectively known as XARA vulnerabilities, that could potentially be used to obtain data being passed between sandboxed applications, such as passwords. No known cases of the exploits have been seen "in the wild," and Apple says it is working with researchers on a longer-term fix.


New Mail bug could post phishing messages as iCloud pop-ups

06/10, 2:28pm

Proof-of-concept code posted to Github after Apple fails to close hole

As part of a slew of recent security flaws found in Apple's two operating systems (most of which, it should be noted, are either not serious or are remarkably unlikely to become common), a security researcher has turned up an issue in the iOS Mail app that has the potential to become a widespread problem. As a result, users should be wary of any ">pop-up dialogue boxes in iOS Mail that ask for the user to re-login to a given email service.


Briefly: ResearchKit updated, iOS 8.4 beta fixes text-crashing bug

06/10, 1:11pm

Apple quietly announces ResearchKit 1.1 on developer list, adds iPad support

Late on Tuesday, an Apple representative on the Apple ResearchKit developer mailing list announced the availability of ResearchKit 1.1, which adds multiple new tasks and other enhancements, including iPad support and improved slider support. Following an internal review for accessibility and localization in all OS X-supported languages, new audiometry and reaction-time active tasks have been added, along with a navigable ordered task option.


Pre-2014 Macs vulnerable to potential firmware attack

06/01, 4:18pm

Conditions needed to make exploit work are untenable, but possible

A new vulnerability -- albeit one that is extremely unlikely to happen "in the wild" -- has been discovered by security researcher Pedro Vilaca, where a flaw in pre-2014 Macs could conceivably allow an attacker access to a portion of OS X that has access to the Mac's Open Firmware and EFI (what PC users might call the BIOS of the machine) and possibly exploit other vulnerabilities to perhaps overwrite it with malicious firmware.


Apple Watch: bands in stores, shipping time down, Watch to 512K Mac

06/01, 2:27pm

Availability of bands for Apple Watch improves even as in-store sales remain non-existant

Though in-store sales of Apple Watch models are expected to begin soon, it is currently near-impossible to get one's hands on an Apple Watch without either ordering it online from Apple or visiting one of a handful of high-end fashion boutiques around Europe. Bands for the Watch, however, continue to become more available -- with a spot check of stores in the US showing that sport bands and Leather Loop models are now very widely available.


Hands On: Circuit Mouse (iOS, Android)

03/13, 6:19pm

Is your device plugged in or is it not?

Circuit Mouse is a cheeky little app that answers a very simple question. "Is your device plugged in, or isn't it?" That might seem like a silly question -- devices tend to make a noise when plugged into, or removed from, a power source. Plus, there's usually a little lightning bolt on the battery indicator to show if it's charging, for example. Nevertheless, there are some clever ways to use that information, and Circuit Mouse provides several methods of showing it.


Brikk luxes out Apple watch, will ship $70k diamond encrusted model

02/26, 10:38am

Thirty models planned, ranging from $10,000 to $70,000

Despite the Apple Watch not yet shipping, design company Brikk has unveiled the Lux Watch product line. Their new collection includes 30 precious metal-plated, diamond encrusted luxury models across three lines of the upcoming wearable from Cupertino.


TaiG jailbreak closed off in iOS 8.1.3 update

01/28, 10:25am

Apple credits TaiG team in release notes

Yesterday's iOS 8.1.3 update sabotages the TaiG jailbreak tool, users say. The hack was functional through iOS 8.1.2, outdoing Pangu, which stopped working as of v8.1.1. Although the TaiG team itself hasn't confirmed the problem, Apple's notes for v8.1.3 actually credit the group with finding four security vulnerabilities.


Adobe updates Flash again due to critical security flaw

01/25, 10:29pm

All previous versions vulnerable, attacks on un-updated machines seen in wild

Adobe has again had to issue an update to the browser plug-in version of Flash due a critical flaw in the program that allows remote attackers to take over un-updated Macs or PCs, the latter running either Windows or Linux. The company urges users to update to the latest version, first issued on Friday, that patches the problem -- however, all previous versions should be considered at risk, and there are not yet any Chrome browser or standalone updaters available.


Researcher claims 20 percent of Ulbricht bitcoins came from Silk Road

01/20, 10:30pm

Transactions traced between Ulbricht, Silk Road Bitcoin accounts

The latest update in the trial of Ross Ulbricht's involvement with the controversial but now-closed Silk Road contraband market site involves Ulbricht's collection of bitcoins. A researcher who has audited the stash claims that approximately 20 percent of Ulbricht's bitcoin funds were transferred directly from Silk Road to his accounts, a transaction that would have been worth close to $3 million based on the value of the digital currency at the time.


Lizard Squad DDoS customer database lifted, published in plain text

01/17, 9:27am

Data on 14,241 users with passwords leaked to the Internet following hack

A counter-hack against the Lizard Squad hacking group's distributed denial of service (DDoS) tool LizardStresser has resulted in a customer data theft. Details of 14,241 users of the disruptive hacking tool have been stolen from the group's site, including user names, passwords, and other data stored in plain text, and has now been posted online.


Swiss bank hack fails to pay off for would-be blackmailer

01/10, 2:12am

Hacker group threatens to divulge client identities, bank is unconcerned

Some 30,000 emails from Swiss and foreign clients of the Genevan state bank BCGE have been published by a group or individual calling itself "Rex Mundi." The release of the information occurred on Friday, after the bank declined to give into demands for a payout to keep the information under wraps. The would-be blackmailer provided the bank with a sample of data from two supposed BCGE clients as proof of the hack, and threatened to publish all of the data unless €10,000 ($11,779 US) was not paid by the bank.


Lizard Squad reportedly uses unsecured routers for DDoS attacks

01/09, 8:28pm

Unprotected home, enterprise routers said to be part of Lizard Squad botnet

The attacks against gaming services including the PlayStation Network and Xbox Live over the last month may have been carried out in part by home routers. A report claims Lizard Squad, the hacking group claiming responsibility for the attacks, has access to a large collection of hacked routers, which it is using to bolster its distributed denial of service (DDoS) attacks.


Internet Archive casts saving throw, resurrects 2,300 MS-DOS games

01/08, 3:34am

Prince of Persia, Maniac Mansion, Original Sim City, Lemmings among web-adapted games

Last November, the Internet Archive debuted their new service, The Internet Arcade, where over 900 arcade titles from the 1980's and 90's were hosted for free play over a web browser. Today the service topped itself, expanding the the Software Library to include 2,300 MS-DOS-era games, available through the EM-DOSbox in-browser emulator.


Follow-up: Apple said to have fixed iDict hacking tool vulnerability

01/05, 7:06pm

Blocks hacking tool just one day after release, locks accounts if iDict is attempted

Apple appears to have fixed a flaw in its password security just one day after a hacker announced a new tool that could conceivably breach the existing protection against "brute force" attacks on accounts by taking advantage of an exception. On January 1, a new tool called iDict emerged in a rough state that could bypass repeated password-attempt blocking due to an exception made for iPhones. On January 2, Apple closed that exception and began locking accounts iDict was being used against.


NewerTech releases new mounts for iMac models 2012 or later

12/31, 9:55pm

Aluminum brackets attaches to a VESA compatible wall or desk mount

NewerTech has released a new adapter that allows a 2012 or newer model iMac (including the latest Retina 5K iMac) to be hung with a universal VESA mounting system. Since 2012, Apple has made it so that iMacs must be ordered with a VESA mount at the time of ordering, which means four screw holes would be drilled into the back -- if the original purchaser did not order the custom VESA fitting, there was no option to remove the stand, or add the option to mount it later.


Chick-Fil-A reports nine-month-long payment security breach

12/31, 8:08pm

Restaurant chain will eat losses if banks do not compensate customers for any breach

A rash of credit and debit card fraud cases have been tracked back to accounts that were all used at various Chick-Fil-A locations around the US. The fast food restaurant joins the ranks of retailers with point of sale security issues. This particular breach appears to have run from December of 2013 to September of 2014.


Arrest made in UK related to PSN Christmas DDoS attack

12/31, 7:55pm

'It wasn't nice getting raided at 7:30 AM'

Another arrest has been added to the string that began earlier this month in relation to alleged Lizard Squad activities. Lizard Squad is a small group of Internet miscreants that claim responsibility for an ongoing distributed denial of service (DDoS) attacks on gaming networks (including over Christmas). The group has also claimed responsibility for at least one bomb threat (grounding an airplane carrying Sony Online CEO John Smedley), and participation in the Sony hack.


Ongoing investigations into Sony hack pointing to others, reports say

12/31, 1:25am

New information yields the possibility of at least one ex-employee playing a role

The saga of "who really stole all that data from Sony" continues, in spite of the FBI's adherence to its findings that North Korea alone was responsible. Independent investigations by security organizations have expanded the suspect list to include ex-employees, while net vandals Lizard Squad have, in their continuing quest for attention, claimed partial credit.


Fingerprint security may be vulnerable to spoofs based on photos

12/29, 2:04pm

Average person unlikely to be impacted

The European group that first demonstrated a hack of Apple's Touch ID using a fake fingerprint says it has discovered a way of recreating a fingerprint without a physical sample. The Chaos Computer Club's Jan Krissler, better known as Starbug, demonstrated the technique at the Club's recent 31st convention in Hamburg, using German Defense Minister Ursula von der Leyen as an example. Through commercial software called VeriFinger, Krissler says he was able to piece together Von der Leyen's thumbprint based on publicly-available photos of her digits.


Obama wants stronger cyber-security laws in 2015

12/23, 10:08pm

'We're not even close to where we need to be,' President says

Last Friday, at President Barak Obama's year-end press conference, Carrie Budoff Brown of Politico asked the first question. Her inquiry was whether Sony had done the right thing in canceling the release of the Seth Rogan comedy The Interview, and what a "proportional" US response to the North Korean-led cyber-attack on Sony would look like. While discussing the answers to those questions, President Obama called on Congress to help create stronger cyber-security laws.


Report: one neglected server caused JP Morgan Chase data leak

12/23, 8:49pm

No exploits were utilized in the hacking of the bank's network

Back in July, five bank networks were hacked, the most notable of which was JP Morgan Chase, which resulted in more than 76 million households' information being leaked. At first, it was suspected that a "zero-day" exploit had been utilized to gain access, but an unidentified source has indicated the real story is somewhat more mundane.


North Korea refutes US hacking accusations, endures Internet outage

12/22, 9:46pm

Main Internet connection for North Korea goes down following statement attacking US government

North Korea has declared it will strike against the United States, after the Federal Bureau of Investigation (FBI) identified the rogue state as the origin of the Sony Pictures hack. However, alongside the sabre-rattling statement provided by the Korean Central News Agency of DPRK (the Democratic People's Republic of Korea, as it calls itself) are reports that the country's Internet connection has itself been the target of an attack over the weekend, with North Korea effectively being knocked offline.


Pirate Bay P2P site showing signs of life

12/22, 9:06pm

A new IP, fluttering Jolly Roger, countdown clock

Earlier this month, Swedish law-enforcement raided The Pirate Bay's servers and were able to knock the venerable torrent aggregator offline. Earlier today, the domain moved to a new IP address, and displayed a fluttering Jolly Roger pirate flag only. Now, the flag waves in the background as a clock counts down to January 5, 2015. While one of the original co-founders applauded the takedown, acolytes made sure that no significant dip in torrenting activities -- illegal or legit -- resulted from the apparently-temporary closure.


Tor network servers experience outage after leaked warnings

12/22, 7:53pm

Compromised servers isolated and replaced, says project developers

Last Friday, the Tor Project blog posted about a possible threat that some of its servers would be seized in an attempt to incapacitate or hijack the Tor network. Over the weekend, a group of "exit node" servers in a Dutch datacenter went down, and then came back online. The service, a volunteer network of relays aiming to provide anonymity and security, says it was warned of suspicious activity that may have been instigated by law enforcement.


Obama: Sony hack not act of war; Anonymous promises attacks on NK

12/21, 11:55am

US continues to claim NK responsible for Sony hack, pirate release of movie possible?

In an interview recorded on Friday, President Obama clarified his remarks last week regarding the Sony Pictures hack. The president denies swirling discussions about the hack being an act of war, and called it "an act of cyber vandalism that was very costly, very expensive." Additionally, late Sunday, tweets purport that hacker collective Anonymous is about to wade into the fray against North Korea for its role in the event.


New USB thumb drive-sized device can take over computers

12/18, 7:06pm

Requires physical access, but works on OS X, Windows, Linux

A new USB microcontroller -- roughly the size of a small thumb drive -- has been demonstrated as a proof-of-concept device that leverages a serious and unfixable vulnerability in USB easily take over and install malware on any unlocked computer. Though it requires physical access or tricking the user into inserting the controller into a USB port, the device has worrying implications for any computer left unattended for more than a minute -- the time it takes for the device to gain admin access, change network settings, install a backdoor and remove any obvious sign of intrusion.


Uber announces 'greater investment' in screening, safety standards

12/17, 9:36pm

Review still under way, sparked by rape allegations and regulatory resistance

In response to the concerns of customers, legal troubles and bans in multiple markets around the world, rideshare/taxi service Uber has begun a study into ways to better screen drivers and improve overall safety. Phillip Cardenas, Uber's head of global safety, outlined the company's plans in a recent blog post today. Cardenas comes from Airbnb where he spearheaded the creation of that company's safety program.


'Grinch' exploit puts Linux servers, Android phones at risk

12/17, 4:21am

Managing privileged operations on Linux servers key for protecting e-commerce servers

In a blog post today, AlertLogic Chief Security Evangelist Stephen Coty outlined ways to identify and protect against a Linux server exploit he has dubbed "Grinch." Citing a 2013 report from W3Tech stating that approximately 65 percent of all web servers utilize a Unix or Linux-based operating system, he said that the danger is that Grinch can be used to "steal Christmas." At the crux of this exploit is a way to access administrative permissions through JournalID, which could allow remote execution of commands on any Linux-based server.


Flaw in online boarding passes enable anyone to view others

12/16, 9:13pm

Insecure URLs from Delta revealed boarding passes from other airlines, other passengers

Dani Grant, the founder of the security research group Hackers of NY, has reported a serious flaw in the way that Delta and potentially other airlines handle online boarding passes, often displayed on smartphone screens to gain entry to flights. Grand discovered that if she shared the URL to her Delta online boarding pass, anybody could download and potentially redeem it. Even more disturbingly, when she changed with the last digit of the seemingly random numbers in the URL, she could view someone else's online boarding pass, which might even be on an entirely different airline.


Hacker group Lizard Squad taken down by Finest Squad, police

12/16, 8:07pm

Christmas comes early as white hats totally pwn script-kiddie newbs

Since August, a hacker group calling itself the Lizard Squad -- self-described as a handful of 'guys with too much free time on their hands' -- have been entertaining themselves by spoiling other people's fun. Primarily, they've been doing this by attacking online video game services and knocking them offline. An opposing "white hat" group of network security researchers have now exposed members of the Lizard Squad group, leading to the arrest of three members, some of whom had also been involved in bomb threats and other domestic terrorism.


Red October malware updated, targets diplomats, military, executives

12/11, 10:13pm

Un-jailbroken iOS devices safe from attack; Android, Windows smartphones at most risk

Beginning in Russia and spreading quickly to other countries, a new variation on the formerly-dormant Red October malware has been detected by security firms such as Blue Coat and Kaspersky this week. The new version -- which is notably targeting smartphones of diplomats, military leaders and business executives -- contains a level of sophistication in the function and code that suggests a rogue state, which would have the resources to assemble the talent, is backing the attack.


Sony Pictures strikes back against hacker hijackers

12/11, 1:56am

Employs DDoS attacks, enlists Amazon Web Services to block distribution

In a surprising twist to the ongoing saga of an attack on Sony Pictures' internal computer system by unidentified hackers (likely to be from North Korea), the studio is starting to fight back by leveraging Amazon Web Services to carry out distributed denial of service (DDoS) attacks on identified servers that contain files stolen from Sony over the last month. Taking a page from its own playbook, the media conglomerate is flooding suspect servers with dummy files, a sequel of sorts to anti-piracy attacks carried out by the firm in conjunction with Media Defender seven years ago.


China arrests 'WireLurker' malware suspects, takes down servers

11/17, 7:00pm

Sophisticated malware used forged enterprise provisioning to enter iOS through OS X

Apple's iOS, when un-jailbroken, is so resistant to malware that three Chinese suspects had to come up with an exceedingly clever method of delivering the "WireLurker" threat to the company's mobile devices. On Monday, Chinese officials announced they had arrested the three suspects, and shut down the servers hosting the malware. The threat was never widespread because of the elaborate nature of the scheme and its China-only focus, but it was one of the few malwares able to get onto un-jailbroken iOS devices.


Pangu iOS 8.1 jailbreak comes to Macs

11/10, 11:33am

Supports all recent iOS devices

Pangu's iOS 8.x/8.1 jailbreak tool has been successfully ported to the Mac, its creators have announced. As with the original Windows edition of the jailbreak, it supports all iOS 8-capable devices, including even the iPhone 6, 6 Plus, iPad Air 2, and iPad mini 3. The Pangu team cautions that people should backup a device before beginning, and also restore if they've downloaded any over-the-air firmware updates.


Apple web crawler discovered: may augment Siri, Spotlight searches

11/06, 6:10pm

Simple website indexing bot suggest Apple increasing its bypassing of search engines

Apple has its own automated bot for crawling and indexing HTML websites, and the crawler has been operating since at least October 15, according to the developer who discovered it. The simplistic bot only requests info on HTML pages, ignoring CSS, JavaScript or image files, thus making it unlikely that Apple or an employee using Apple's servers is developing any sort of in-house full search engine as an alternative to Google or Microsoft's Bing, both of which are used as defaults in different Apple programs.


'Wirelurker' malware targets iOS through OS X enterprise provisioning

11/05, 7:04pm

Can affect non-jailbroken iOS devices; currently distributed through unofficial Chinese store

A new malware threat to iOS has been discovered that can invade the normally well-protected mobile system through a flaw in OS X and USB that allows packages to be installed through enterprise provisioning. Called "WireLurker," the malicious OS X application (once installed) will monitor for new iOS package installs, and then exploits a weakness in USB to install malware into the target iOS device. Once it is installed, the iOS malware tries to harvest personal data like contacts.



Connect with Us

FREE Apple, iPhone and Mac Newsletter

  • We will not share your email address with anyone.

    Follow us on Facebook


    Most Popular


    Recent Reviews

    Polk Hinge Wireless headphones

    Polk, a company well-established in the audio market, recently released a new set of headphones aimed at the lifestyle market. The Hin ...

    Blue Yeti Studio

    Despite being very familiar with Blue Microphones' lower-end products -- we've long recommended the company's Snowball line of mics ...

    ZTE Spro 2 Smart Projector

    Home theaters are becoming more and more accessible these days, but maybe you've been a bit wary about buying a home projector. And h ...


    Most Commented