Remember meForgot password?
    Log in with Twitter

article imageiPhone users targeted by new spyware threat

By Tim Sandle     Apr 9, 2019 in Technology
Users of iPhones face a new cybersecurity risk, stemming from a new surveillance app. The app was first designed for Android devices before being re-presented as an iPhone app.
The new spyware was spotted by security researchers working at Lookout. According to TechCrunch, the spy app developer managed to circumvent Apple's app store by providing the app for download on mirror sites (which enabled the surveillance app developer to bypass Apple’s strong app store checks). Once downloaded the app could infect unsuspecting victims.
The malicious app was available from fake sites which appeared to be iPhone carriers located in Italy and Turkmenistan. These sites were disguised as information pages for the real mobile telecom companies Wind Tre SpA (from Italy) and TMCell (of Turkmenistan).
The risk arising from disguised carrier assistance app is that, once it is installed, the software can copy the iPhone user's contacts, audio recordings, photos, videos and together with other device information such as real-time location data. Furthermore, the spyware can be remotely triggered to listen in on conversations.
The app was similar to one that was previously detected on and infecting some Android devices, named Exodus (and composed of two stages termed Exodus One and Exodus Two). It is estimated that nearly 25 variants of this spyware were uploaded on Google Play Store. On being notified by Security Without Borders, Google Play has removed the apps. In many ways, the new iPhone app shares a similar structure to that of Exodus which suggests that they came from the same developer.
It is unknown how many people may have the spyware on their phones and no information as to how many have been targeted. Speaking with Wired, Adam Bauer, a senior staff security intelligence engineer at Lookout stated: "In terms of capabilities on the iOS side, they’re doing pretty much everything I’m aware of that you can do through documented Apple APIs, but they’re abusing them to do surveillance-type activities."
More about Spyware, iPhone, Virus, Apple
Latest News
Top News