Script for detecting the WireLurker malware family
This project provides script and/or tool to detect the WireLurker malware family found by Palo Alto Networks in Nov 2014.
For details of the WireLurker:
Open the Terminal application in your OS X system;
Execute this command to download the script:
curl -O https://raw.githubusercontent.com/PaloAltoNetworks-BD/WireLurkerDetector/master/WireLurkerDetectorOSX.py
We described how to technically detect the Windows variant of WireLurker in this document: HOWTO-Windows.md . Please take a look at it if you would like to contribute on it.
Here are some Windows detection tools developed by others. Remember to thanks them!
For any issue on the code and its result, please create a issue here: https://github.com/PaloAltoNetworks-BD/WireLurkerDetector/issues