惡意軟件瞄準中國蘋果設備用戶大綱

Researchers at a Silicon Valley security company said on Wednesday that they had found a new manner in which hackers can infect Apple products.
週三，硅谷(Silicon Valley)一家安全公司的研究人員表示，他們發現了一種黑客攻擊蘋果(Apple)產品的新方式。

The company, Palo Alto Networks, reported that it had uncovered a malware campaign called WireLurker targeting Apple mobile and desktop users and said it was “the biggest in scale we have ever seen.”
帕洛阿爾託網絡公司(Palo Alto Network)報告稱，該公司發現了一種名爲WireLurker的針對蘋果移動設備及臺式電腦的惡意軟件，並稱“這是我們見過的規模最大的惡意軟件”。

Though the malware — malicious software designed to cause damage or steal information — is aimed at users in China and can be avoided, the campaign demonstrates new ways that attackers are targeting Apple iOS mobile devices.
雖然這款惡意軟件——旨在造成損害或盜取信息的軟件——針對的是中國的用戶，而且能夠避免，但此次行動展示了攻擊者侵襲裝有蘋果iOS系統的移動設備的新方式。

The security company, based in Santa Clara, Calif., said that WireLurker had infected more than 400 applications designed for Apple’s Mac OS X operating system through the Maiyadi App Store, a third-party Mac application store in China. In the last six months, Palo Alto Networks said 467 infected applications were downloaded over 356,104 times and “may have impacted hundreds of thousands of users.”
這家位於加利福尼亞州聖克拉拉的安全公司表示，WireLurker已經通過麥芽地應用商店——中國的第三方Mac應用商店——感染了400多個適用於蘋果Mac OS X操作系統的應用。該公司稱，在過去六個月中，467個被感染的應用已被下載了356104次，“可能已經影響了數十萬用戶。”

The company said users’ iOS devices could also become infected if they connected their mobile device to their Macs through a USB wire. “WireLurker monitors any iOS device connected via USB with an infected OS X computer and installs downloaded third-party applications or automatically generated malicious applications onto the device, regardless of whether it is jailbroken,” Palo Alto Networks security researchers said. “This is the reason we call it ‘wire lurker.’”
該公司稱，用戶如果通過USB連接線將移動設備與Mac電腦連接，用戶的iOS設備也會受到感染。“任何iOS設備只要通過USB連接到受感染的OS X電腦，並安裝下載的第三方應用程序，或自動在設備上產生惡意應用程序，都會被WireLurker監控，不管設備是否已經越獄，”該公司安全研究人員說。“因此我們稱之爲‘wire lurker’（連接線中的潛藏者）。”

Typically, iOS users can download applications from third parties only if they have “jailbroken” their phones, or altered them to run software Apple has not authorized. With WireLurker, an infected application can reach a non-jailbroken phone from an infected Mac OS X system, which is why Palo Alto Network researchers say WireLurker represents a “new brand of threat to all iOS devices.”
iOS用戶通常只有將手機“越獄”——改變手機以運行未經蘋果授權的軟件，才能從第三方下載應用。被Wirelurker感染的應用能夠通過受感染的Mac OS X系統侵襲尚未破解的手機，因此帕洛阿爾託網絡公司的研究人員稱，Wirelurker代表一種“針對所有iOS設備的新威脅”。

Researchers say that once WireLurker is installed on a Mac, the malware listens for a USB connection to an iOS device and immediately infects it. Once infected, WireLurker’s creators can steal a victim’s address book, read iMessage text messages and regularly request updates from attackers’ command-and-control server. Though the creator’s ultimate goal is not yet clear, researchers say the malware is actively being updated.
研究人員稱，一旦WireLurker被安裝到Mac電腦上，這款惡意軟件就會等待用戶通過USB連接iOS設備，然後立即感染該設備。一旦被感染，WireLurker的製造者就能竊取受害人的通訊簿、讀取iMessage中的短信並定期從攻擊者的指揮控制服務器發出更新請求。儘管尚不清楚製造者的最終目的，但研究人員稱，有人正在積極更新該惡意軟件。“They are still preparing for an eventual attack,” said Ryan Olson, the director of threat intelligence at Palo Alto Networks. “Even though this is the first time this is happening, it demonstrates to a lot of attackers that this is a method that can be used to crack through the hard shell that Apple has built around its iOS devices.”
“他們還在爲最後的攻擊做準備，”該公司威脅情報事務負責人瑞安·奧爾森(Ryan Olson)說。“儘管這種事情是第一次發生，但它向大量攻擊者表明，這種方式可以用來擊破蘋果圍繞其iOS設備構建起的堅硬外殼。”

Mr. Olson said Palo Alto Networks had alerted Apple to its findings, though an Apple spokesman declined to comment on their reports.
奧爾森稱帕洛阿爾託網絡公司已經警告蘋果注意相關發現，但蘋果的一名發言人拒絕就該公司的報告發表評論。

The firm’s advice to Mac and iOS users is to avoid downloading Mac applications or games from any third-party app store, download site or untrusted source, or connecting an iOS device to any untrusted accessories or computers. They also advise users to keep iOS software up to date.
該公司給Mac電腦和iOS用戶的建議是，避免下載任何來自第三方應用商店、下載網站或不受信任的來源的Mac應用或遊戲，並避免將iOS設備與任何不受信任的配件或電腦連接。他們還建議用戶持續更新iOS軟件。

Separately, last Friday a researcher in Sweden announced that he had uncovered a serious new vulnerability in Yosemite, Apple’s latest OS X operating system. The researcher, Emil Kvarnhammar, said the vulnerability, which he calls “Rootpipe,” allows attackers to gain “root access,”or full administrative control, of a victim’s Mac, allowing them to steal information or run programs of their own.
此外，瑞士一名研究人員上週五宣佈，在蘋果最新的OS X操作系統Yosemite中新發現了一個嚴重的漏洞。這位名叫埃米爾·誇恩哈馬爾(Emil Kvarnhammar)的研究人員表示，被他稱作“Rootpipe”的這個漏洞能讓攻擊者獲取受害者Mac的“根權限”，即完全的管理控制權，以竊取信息或運行攻擊者自己的程序。

To date, there is no evidence that the vulnerability has actually been exploited and here, too, it would be difficult for the average Mac user to stumble upon. For hackers to gain control of a Mac, the victim would need to ignore every OS X pop-up security warning.
迄今爲止，尚沒有證據表明已經有人利用了這個漏洞，並且普通Mac用戶也很難遇到。因爲黑客要想控制Mac，受害者必須要忽略OS X彈出的所有安全警告。

Apple is currently patching the Rootpipe vulnerability, but it is not clear when the patch will be completed.
蘋果正在修補Rootpipe漏洞，但尚不清楚修補工作何時完成。