A move that might come as a surprise to many in the Apple fraternity, researchers have discovered a new and powerful surveillance app that was first designed for Android phones and can now target unsuspecting victims with iPhones, according to a report by TechCrunch.
The mobile security firm Lookout which discovered the spy app said that the developers of the spy app abused their Apple-issued enterprise certificates to bypass the tech giant’s app store to target unsuspecting victims.
As per the report, the disguised app once installed in the iPhone can easily target the victim’s contacts, audio recordings, photos, videos, and other device information. The app can also be used to listen to people’s conversation which is the most worrying aspect of this entire snooping exercise carried out by the app.
Although there is no concrete data to find out who might have been targeted, the researchers have found out that the malicious app was served from fake sites claimed to be cell carriers based in Italy and Turkmenistan.
The report further adds that this latest app has been linked to the makers of the previously discovered Android app developed by the surveillance app maker ‘Connexxa’ known to be used by the Italian authorities.
The android app which was dubbed as ‘Exodus’ affected a number of victims and once it was installed, it gained complete control over the device gaining access to emails, cellular data, Wi-Fi passwords and more, according to a report by Security without Borders.
While the Android version was easily downloadable for the Google app store, the same is not the case with the iOS app. For iPhones, Connexxa signed the app with an enterprise certificate which was issued by Apple to the developer, which Apple said is a violation of its rules.
After the findings came to light, Apple has revoked the app maker’s enterprise certificate, making every installed app offline and unable to run.