Last week, we told you about a new malware found in Mac and iOS devices called WireLurker. Mainly found in China, this malware uses USB connections to infect iOS devices via a Mac. The origin of the malware is said to be from third-party Mac App Stores that offer cracked softwares and games. If you were wondering how to find out if your iOS device is infected, then here’s a simple guide on how to find the WireLurker malware and delete it from your iOS device.
Since the WireLurker malware affects both jailbroken and non-jailbroken devices, we will tell you how to find and delete it on both. Follow the steps below:
On Jailbroken Devices:
- Install a File manager such as iFile or Filza. You could also use SSH capabilities to gain access to your iDevice from your Mac or PC.
- Go to /Library /MobileSubstrate /DynamicLibraries
- If there’s a file named ‘sfbase.dylib,’ your device is infected and you need to delete this file.
- Perform a restore if the file is found.
On Non-Jailbroken Devices:
- In Settings, go to General>Profile
- If you find any strange profile listed here, then know that your device is infected. Delete the profile.
- Also check for strange apps that may have popped up without your knowledge. Delete them.
- Perform a fresh restore.
If you are outside of China, it is highly unlikely that your device is infected. Apple too has blocked all apps that are infected. However, it is better to be sure. Let us know if you found this malware on your iOS device.
Wow what a malware, am a mobile substrate extentions developer and looked for this file on the internet and then after decompiling it, wow this malware wont brick ur device but it will make you create a fresh restore and start all over, i highly recommend that you stop downloading mac softwares that hack apps.