Register to stream ATT&CKcon 2.0 October 29-30


WireLurker is a family of macOS malware that targets iOS devices connected over USB. [1]

ID: S0312
Platforms: iOS
Version: 1.1

Techniques Used

Domain ID Name Use
Mobile T1458 Exploit via Charging Station or PC WireLurker monitors for iOS devices connected via USB to an infected OSX computer and installs downloaded third-party applications or automatically generated malicious applications onto the device. [1]
Mobile T1406 Obfuscated Files or Information WireLurker obfuscates its payload through complex code structure, multiple component versions, file hiding, code obfuscation and customized encryption to thwart anti-reversing. [1]