This project provides a script and/or tool to detect the WireLurker malware family, found by Palo Alto Networks in Nov 2014.
For details on WireLurker:
Usage for OS X users
Open the Terminal application on your OS X system;
Execute this command to download the script:
curl -O https://raw.githubusercontent.com/PaloAltoNetworks/WireLurkerDetector/master/WireLurkerDetectorOSX.py
Run the script in the Terminal:
Read the output messages and detection result.
For Windows users
We describe how to technically detect the Windows variant of WireLurker in this document: HOWTO-Windows.md. Please take a look at it if you would like to contribute to it.
Here are some Windows detection tools developed by others. Remember to thank them!
- https://github.com/ltfish/WireLurkerCleaner by ltfish
- https://github.com/kaustubhsant/WireLurkerDetector by kaustubhsant
For any issue with the code or its results, please create an issue here: https://github.com/PaloAltoNetworks/WireLurkerDetector/issues