This project provides a script and/or tool to detect the WireLurker malware family found by Palo Alto Networks in Nov 2014.
For details of WireLurker, see:
- http://researchcenter.paloaltonetworks.com/2014/11/wirelurker-new-era-os-x-ios-malware/
- http://researchcenter.paloaltonetworks.com/2014/11/wirelurker-windows/
- Open the Terminal application on your OS X system.
- Execute this command to download the script:
    curl -O https://raw.githubusercontent.com/PaloAltoNetworks/WireLurkerDetector/master/WireLurkerDetectorOSX.py
- Run the script in the Terminal:
    python WireLurkerDetectorOSX.py
- Read the output messages and detection result.
We describe how to technically detect the Windows variant of WireLurker in this document: HOWTO-Windows.md. Please take a look at it if you would like to contribute to it.
Here are some Windows detection tools developed by others. Remember to thank them!
- https://github.com/ltfish/WireLurkerCleaner by ltfish
- https://github.com/kaustubhsant/WireLurkerDetector by kaustubhsant
For any issue with the code or its results, please create an issue here: https://github.com/PaloAltoNetworks/WireLurkerDetector/issues