The WireLurker malware targets Apple iOS devices and Mac OS, and has been out in the wild for the past six months, according to Palo Alto Networks. The malware spreads by installing malicious third-party applications to iOS devices that are connected to a Mac OS-powered machine by USB connection. The malware is isolated in China at the moment, originating from the Maiyadi App Store - many of the apps aren't Apple approved.
The malware was found in 467 apps through the Maiyadi App Store - almost all of the Mac OS apps - with more than 356,000 downloads.
"You are unlikely to be hit with this malware unless you are using a third-party OS X app store and changed default OS X Security & Privacy settings to 'allow apps downloaded from: Anywhere," said Marc Maiffret, security firm BeyondTrust's CTO.
"We are aware of malicious software available from a download site aimed at users in China, and we've blocked the identified apps to prevent them from launching," Apple has confirmed. "As always, we recommend that users download and install software from trusted sources."