iPhone Users Warned About Malicious Spyware Previously Seen on Android

According to tech experts, the app can also be remotely activated to directly listen in on one's conversations using a smartphone or tablet's microphone.
Sputnik

Tech experts have detected an iOS app that targets contacts, audio recordings, photos, videos and other personal data stored on mobile phones.

The number of people who have fallen victim to the malicious spyware is not yet known. However, the app has been identified as mirroring the infrastructure of Exodus, an Android spyware platform downloaded by users from the Google Play Store.

Disguised as a service application, the reported malicious iOS app, much like Exodus, aims to collect, extract and send on information about a user's device and data.

While attackers were able to launch Exodus directly in the Google Play Store, the iOS version of the spyware used an enterprise certificate in order to bypass Apple's App Store rules. Users would download the app directly onto their phones.

The iOS app also uses certificate pinning to mask its network traffic, making it difficult to study. Attackers were reported to have set up phishing traps, sending users to allegedly legitimate websites of mobile telecom companies Wind Tre SpA (from Italy) and TMCell (of Turkmenistan), where they would ultimately download the app.

Exodus is allegedly capable of exposing infected devices to further compromise or data tampering. Mobile apps containing Exodus may stay on the Google Play Store for months at a time, and be re-uploaded if removed. Both Exodus and its iOS version have been blocked by the respective app stores.

However, experts continue to caution against phishing links and against downloading apps from sources other than the official Google and Apple app stores.
