The WireLurker malware, known to infect OS X powered Macs and iOS devices has stirred up the Apple community. Known to exist as a threat in China for now, but if you think you’re infected by WireLurker, then here’s how you can remove it before it does any damage.
If you’re jailbroken and believe that you’re affected by WireLurker, then follow the steps which are outlined below. But be warned, the steps might be a little complicated for some users, and if you feel that you don’t want to go through the tedious process, then simply do a clean restore of your iPhone, iPad or iPod touch using iTunes on the latest currently available public iOS release.
For Jailbroken Users
Step 1: Make sure you have iFile installed from Cydia, or the capability to SSH into your iOS device to access system directories.
Step 2: Navigate to /Library > /MobileSubstrate > /DynamicLibraries.
Step 3: Here, look for a file named sfbase.dylib, and if found, you know your device is infected. However, if no such file exists, breathe a sigh of relief.
Normally one would perceive deleting this file as a removal of the threat that WireLurker is, but it is recommended that you do a complete restore of your iOS device from iTunes.
For Non-Jailbroken Users
Although there’s no way you can be infected by WireLurker at this point, considering Apple has placed in appropriate security measures, but, there’s a possibility that you conceived the malware a while back before the Cupertino giant took action. And if you believe that you’re infected, and don’t happen to be jailbroken, then read on.
Step 1: Open the Settings app and go to General > Profile.
Step 2: Check for any anomalous profile listed here, and if you find one delete it.
Step 3: Check all installed apps for strange behavior, and delete all strange or suspicious ones that you find installed.
Again, it is highly recommended that you do a complete restore of your iOS device from iTunes till a more effective and sure fire solution comes up.
Let us know if your iOS device got caught up with this malware, and if you were able to catch it in time. Sound off in the comments section below!