A cybersecurity firm, Lookout has discovered an iOS spyware which abused Apple-issued enterprise certificates to infect an iOS user’s phone. The spyware is named Exodus and was developed by an Italian app maker Connexxa.
The assistance app once installed on a phone is capable of accessing a victim’s contacts, photos, videos, audio recordings, and real-time location data. The researchers revealed that the app could be triggered remotely to access such data. The app has been distributed from the fake sites assuming the identities of cell carriers in Italy and Turkmenistan.
Researchers at the security firm noted that the iOS versions of the spyware tool were possibly developed for lawful intercept purposes by governments. For now, the count of the people affected is not known.
While the Android version was downloadable from the Google Play Store, the iOS version was not accessible from the App Store. The spyware was first discovered by another cybersecurity firm called Security Without Borders last month when they found the spyware hidden in an app uploaded on the Play Store. This version for the iOS though is being said to be a weaker counterpart of the Android spyware. Apple has currently revoked the app maker’s certificates taking all of its apps offline.