Malware downloaded more than 65,000 times since March, 97.7% on Windows
Hackers are attacking Windows through the same malware family targeting iOS devices in China, according to the security company Palo Alto Networks.
An older sample of WireLurker was discovered connecting to the command and control (C&C) server that issues instructions to the virus by a security researcher Jaime Blasco from AlienVault Labs, prompting further investigation from Palo Alto, which first reported on the virus.
Claud Xiao and Royce Lu, researchers at Palo Alto, said: "This variant is being distributed by a different Chinese source that is hosting 180 Windows executables and 67 Mac OS X applications, each of which contains a version of the WireLurker trojan.
"The Windows variant opens a new vector for iOS users to be infected with WireLurker, but appears to have been less successful than its Mac OS X descendent."
The malware has been downloaded more than 65,000 times since March 13, with the Windows version accounting for 97.7% of downloads, but all versions target iOS devices which have been configured to download apps from outside Apple’s e-store, or "jailbroken".
Victims using Windows are directed to the iTunes music player on Apple China’s website once the virus has been installed, then instructed to connect their iOS device to their computing once the music player is running.
"The pirated iOS apps that the malware attempts to install are cracked versions of legitimate iOS apps," Xiao and Lu added.