As per the researchers of security, they have discovered the powerful surveillance app which was designed in such a way that it can target the iOS users and can spy on them also. Earlier this app was designed for the Android devices only, but now it can target the iPhone users also. This spy app was discovered by the researchers of Lookout, which is a mobile security firm. As per a developer, it said the Apple had issued the certificates for the enterprise so that they can bypass the tech giant’s app store to infect the unsuspecting the victims.
It is said that, when you installed this app on your iPhone after it gets successfully installed, it can then go for the getting information about you from the phone contacts and can access the photos, videos, audio recordings and other things that include the location data also. Apart from this all things that the app is capable of carrying out, it can also get access to listen to the conversations that you do with the people. This was confirmed by the researchers who all founded about this app.
Till now there was no report about any type of leak data about any people, but it is believed that the researchers have targeted about this malicious app which was served from the fake sites that are present in Turkmenistan and Italy. As per the researchers, it is seen that they have linked the app with the makers of the earlier Android app. This app was developed by the Italian surveillance app maker known as Connexxa which is known to be in use by the Italian authorities.
The app named as Exodus was said to be have dubbed near to hundred of victims who all have installed this app on their smartphones. It is seen that this app had got the larger feature set and it expanded the spying capabilities which is done by downloading the additional exploit which is designed to gain the root access the device. This access was given by the device near to complete the access to the data of the device, and that includes cellular data, emails, Wi-Fi passwords, and other things. Security said this Without Borders.
It was said that both of the apps usually use the same type of infrastructure, but in case of iOS app, they use the other techniques which include the certificate pinning. This pinning helps in making the things difficult to analyze the traffic that the network gets. This was confirmed by Adam Bauer who is the senior staff security intelligence engineer of Lookout.
Adam added by saying that this is one of the reasons which indicates that the professional group was responsible for this software. He too said that in Apple, this app was not widely distributed, but Connexxa had signed the app with the help of enterprise certificate that was issued to the developer by Apple. Due to this, it allows the app maker to bypass Apple’s strict app store checks and finally got into iOS.