Need help with WireLurkerDetector?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

412 Stars 72 Forks ISC License 26 Commits 9 Opened issues


Script for detecting the WireLurker malware family

Services available


Need anything else?

Contributors list

WireLurker Detector


This project provides script and/or tool to detect the WireLurker malware family found by Palo Alto Networks in Nov 2014.

For details of the WireLurker:


Usage for OS X users

  1. Open the Terminal application in your OS X system;

  2. Execute this command to download the script:

  curl -O
  1. Run the script in the Terminal:
  1. Read the output messages and detection result.

For Windows users

We described how to technically detect the Windows variant of WireLurker in this document: . Please take a look at it if you would like to contribute on it.

Here are some Windows detection tools developed by others. Remember to thanks them!

  • by ltfish
  • by kaustubhsant


For any issue on the code and its result, please create a issue here:

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.