‘HTH官网’中国数十万苹果设备或已染病毒
本文摘要:Compared with Android phones or Windows PCs, Apple’s products are relatively impervious to malware, which is what makes WireLurker so interesting.比较安卓(Android)手机和Windows电脑而言,苹果的产品不过于更容易受到恶意软件的肆虐,这让本次WireLurker事件关注度颇高。Compared with Android phones or Windows PCs, Apple’s products are relatively impervious to malware, which is what makes WireLurker so interesting.比较安卓(Android)手机和Windows电脑而言,苹果的产品不过于更容易受到恶意软件的肆虐,这让本次WireLurker事件关注度颇高。According to Palo Alto Networks, a California company that sells firewalls to businesses, a new family of malware has been quietly infiltrating OS X and iOS devices for the past six months, gathering information and preparing for some kind of unspecified attack.据坐落于加州的企业防火墙公司帕洛阿尔托网络(Palo Alto Networks)称之为,在过去六个月中,一种新的恶意软件悄悄入侵了装有OS X和iOS系统的设备,这种软件不会收集信息,并筹划某些未明反击。The researchers who discovered the plot called it WireLurker because it can infect even pristine, non-jailbroken iPhones and iPads through computer cables.找到这种软件的研究人员将其称为WireLurker(意为“数据线潜伏者”),因为它可以通过电脑数据线病毒感染甚至是原装非逃脱的iPhone和iPad。
There are no reports of WireLurker infecting Apple devices outside China, and Apple says it has taken steps to prevent that from happening.目前在中国境外,尚能没WireLurker病毒感染苹果(Apple)设备的报导。苹果公司回应,早已采取措施制止该病毒感染苹果设备。“We are aware of malicious software available from a download site aimed at users in China, and we’ve blocked the identified apps to prevent them from launching,” anspokesperson told Fortune. “As always, we recommend that users download and install software from trusted sources.”苹果发言人对《财富》(Fortune)回应:“我们于是以紧密注目这种恶意软件,它来自于某个面向中国用户的下载站。我们证实并制止了它的运营。
如整天一样,我们建议用户从可信来源iTunes和加装软件。”The fact that someone found a way to do it has to be troubling news for Apple, which markets itself as the company that protects its users’ privacy and keeps them safe.有人寻找了反击苹果设备的方法,这对于仍然以来声称自身需要维护用户隐私和安全性的苹果而言,觉得是件麻烦事。
攻陷苹果的防卫体系并不精彩,它还必须中国数十万部逃脱的iOS设备作为启动基础。Getting through Apple’s defense systems wasn’t easy, and it required the breeding ground of hundreds of millions of jailbroken Chinese iOS devices to get started.帕洛阿尔托网络公司第42单元的研究人员通过WireLurker跟踪到了中国一家取名为“麦芽地(Maiyadi)”的第三方Mac应用于商店。根据公司周三公布的白皮书表明,那里流入了467个受到感染的应用于,这些应用于总共被iTunes了多达356,104次。也就是说,有可能有数十万用户早已受到恶意软件的影响。
Researchers at Palo Alto Network’s PANW 3.50% Unit 42 traced WireLurker to a third-party Mac application store in China called Maiyadi App Store. There it “trojanized” 467 OS X applications, according to a white paper published Wednesday, and those apps were downloaded more than 356,104 times. In all, hundreds of thousands of users may have been affected.用户必须变更Mac电脑上的安全性设置,并忽视自动弹出有的好几次警告,才能顺利iTunes带病毒的应用于。To download the infected apps, users would have had to change the security settings on their Macs and ignore several pop-up warnings.应用于一旦加装顺利,就不会按照原作好的指令,病毒感染多个移动设备。But once installed, the apps could make the leap to devices that followed all the rules.以下是帕洛阿尔托网络公司公布的新闻稿:From Palo Alto Network’s press release:“如果一台OS X电脑病毒感染了WireLurker病毒,任何通过USB数据线与该电脑相连的iOS设备,无论否逃脱,都会被监控并自动加装iTunes好的第三方应用于或自动分解的蓄意应用于。
这就是为何我们叫它WireLurker(数据线潜伏者)。”WireLurker monitors any iOS device connected via USB with an infected OS X computer and installs downloaded third-party applications or automatically generated malicious applications onto the device, regardless of whether it is jailbroken. This is the reason we call it ‘wire lurker’…“WireLurker可以盗取不受病毒感染的移动设备上的多种信息,还能定期向黑客的指挥官和掌控服务器发送升级催促。
黑客正在大力地研发这个恶意软件,其目的尚能不具体。”Security experts have long debated why it is that Apple’s computers were spared the waves of malware that have infected competing systems over the years. Was it because Apple’s systems were inherently more secure? Or because there weren’t enough Macs out there to make an interesting target?恶意软件侵袭苹果竞争对手的系统有数多年,而苹果电脑却一直幸免于难,安全性专家对其中缘由争辩已幸。
是苹果系统本身就更为安全性吗?还是因为Mac电脑数量过于较少,黑客没兴趣反击它?In the post-PC era, with Apple selling hundreds of millions of devices per year, the “security by obscurity” theory may get put to the test.在后PC时代,苹果每年都会卖出数十万台设备,“被忽视所以安全性”的理论将不会获得检验。Meanwhile, Palo Alto Networks offers some advice:与此同时,帕洛阿尔托网络公司获取了一些建议:o In the OS X System Preferences panel under “Security Privacy,” ensure “Allow apps downloaded from Mac App Store (or Mac App Store and identified developers)” is seto 在OS X系统的系统偏爱设置里的“安全性与隐私”中,请选择“仅有容许从Mac应用于商店iTunes的应用程序 ”(或“仅有容许来自Mac应用于商店或来自苹果接纳的开发者的应用程序 ”)o Do not download and run Mac applications or games from any third-party app store, download site or other untrusted sourceo 不要iTunes和运营来自第三方应用于商店、下载站和其他不能信来源的Mac应用于及游戏o Keep the iOS version on your device up-to-dateo 确保移动设备上的iOS系统是最新版的o Do not accept any unknown enterprise provisioning profile unless an authorized, trusted party (e.g. your IT corporate help desk) explicitly instructs you to do soo 不要拒绝接受任何未知企业的配置文件,除非是取得许可的可靠方(比如喜公司IT部门的协助中心)具体让你这么做到o Do not pair your iOS device with untrusted or unknown computers or deviceso 不要将你的iOS设备与受信任或不得而知的电脑或设备筛选o Avoid powering your iOS device through chargers from untrusted or unknown sourceso 防止用受信任或不得而知来源的充电器给你的iOS设备电池o Similarly, avoid connecting iOS devices with untrusted or unknown accessories or computers (Mac or PC)o 与此类似于,防止将你的iOS设备与受信任或不得而知的配件或电脑(Mac或PC机)相连o Do not jailbreak your iOS device; If you do jailbreak it, only use credible Cydia community sources and avoid the use or storage of sensitive personal information on that deviceo 不要给你的iOS设备逃脱。
本文来源:HTH官网-www.84rc.com
扫一扫关注微信公众帐号