A cybersecurity firm, Lookout has discovered an iOS spyware which abused Apple-issued enterprise certificates to infect an iOS user’s phone. The spyware is named Exodus and was developed by an Italian app maker Connexxa.
The assistance app once installed on a phone is capable of accessing a victim’s contacts, photos, videos, audio recordings, and real-time location data. The researchers revealed that the app could be triggered remotely to access such data. The app has been distributed from the fake sites assuming the identities of cell carriers in Italy and Turkmenistan.
Researchers at the security firm noted that the iOS versions of the spyware tool were possibly developed for lawful intercept purposes by governments. For now, the count of the people affected is not known.
While the Android version was downloadable from the Google Play Store, the iOS version was not accessible from the App Store. The spyware was first discovered by another cybersecurity firm called Security Without Borders last month when they found the spyware hidden in an app uploaded on the Play Store. This version for the iOS though is being said to be a weaker counterpart of the Android spyware. Apple has currently revoked the app maker’s certificates taking all of its apps offline.
Sompo Japan to release a cyber product for IoT firms
iOS users can share Reddit posts on their Snapchat now
Apple Has Improved Siri’s Privacy In iOS 13.2
Instagram Introduces Dark Mode for iOS 13 and Android 10
Gmail Introduces Dark Mode in iOS and Android
© 2020 CIO Bulletin. All rights reserved.