A powerful surveillance app, which was first designed for Android is now targeting the iPhone users, says techcrunch. This spy app, dubbed ‘Exodus’ was discovered by the research team at mobile security firm Lookout. They said that its developer abused their Apple-issued enterprise certificates to bypass the tech giant’s app store to infect unsuspecting victims.
Once installed, this carrier assistance app will take the owner’s personal information, contacts, audio recordings, photos, videos and other device information. The real-time lactation data can also be hacked by this app. The calls may also be leaked. There was no data regarding who might have been targeted.
Zack Whittaker, the security editor at TechCrunch said “Security researchers have discovered a powerful surveillance app first designed for Android devices can now target victims with iPhones”.
“Although the Android version was downloadable directly from Google’s app store, the iOS version was not widely distributed. Instead, Connexxa signed the app with an enterprise certificate issued to the developer by Apple, said Bauer, allowing the surveillance app maker to bypass Apple’s strict app store checks”, said Whittaker.
Many victims were trapped by the Android app, dubbed Exodus, either by installing it or having it installed. According to ‘Security Without Borders’, this spy app has a larger feature set and expanded spying capabilities by downloading an additional exploit designed to gain root access to the device, giving the app near complete access to a device’s data, including emails, cellular data, Wi-Fi passwords and more. Exodus is reportedly made an in Italian company called eSurv.
Image courtesy: phone. instantcheckmate. com / images are subject to copyright