How to check if your jailbroken iOS device is infected with WireLurker malware

BY Jason

Published 6 Nov 2014


Yesterday, a research paper brought to light a new malware called ‘WireLurker’ that is infecting iOS devices and Macs in China. The malware can infect both jailbroken and non-jailbroken devices when connected to an infected Mac through USB.

If you’re jailbroken, you can easily check if you’ve been infected with WireLurker by following these steps:

  • Open iFile or SSH into your iOS device.
  • Navigate to /Library/MobileSubstrate/DynamicLibraries
  • If you see a file called sfbase.dylib then you likely are infected. If not, then you’re safe.

Apple issued a statement on WireLurker this morning saying that it is blocking apps that are identified to be the source of this malware, and added that users should only install Mac and iOS apps from trusted sources.

While the intentions of this malware are not yet known, it could siphon off your personal and private data to third-party servers for malicious use.

If you haven’t jailbroken your iOS device on iOS 8 – iOS 8.1 yet, then check out our guide for the step-by-step instructions.

How to Jailbreak iOS 8 – iOS 8.1 on Windows

How to Jailbreak iOS 8 – iOS 8.1 on Mac using a virtual machine

[via reddit]