iPhone users are in serious danger as an Exodus identical android spyware invades iOS.
A team of researchers from Lookout, a mobile security firm discovered that Exodus now has a version capable of putting iPhone users at risk. Exodus was originally designed to ensnare android users.
How dangerous is the iOS version of Exodus?
An iOS version of Exodus is now putting iPhone users in serious danger as it targets victims from the unsuspecting Apple customers. The powerful surveillance app once installed is capable of accessing an iPhone user's photos, videos, audio recordings, device location, and GPS information.
The powerful spy app was found on multiple numbers of third-party app stores in Italy and Turkmenistan dangerously claiming to be cell carriers. The researchers further found out that the iOS version of Exodus could even be triggered remotely to spy on an iPhone user's conversations.
How did Exodus enter within the iOS boundary?
Lookout researchers found out that the developer of the iOS version of Exodus used the Apple enterprise certificate to invade iPhones. The developer bypassed the iPhone app store's strict app store check by abusing the enterprise certificate and using it as a bait to entice the users.
The iOS version of Exodus did not technically invade the iOS since it is only available for download from third-party phishing sites. The developer of the powerful surveillance app disguised as cell carrier uses the Apple-issued enterprise certificate to make the downloading and installation possible even if the spy app was not acquired from Apple's official app store and is not widely distributed.
What is Apple doing to eliminate the risk?
Upon discovery of the abuse that the developer of the iOS version of Exodus is dong, Apple immediately revoked the enterprise certificate issued to them. The tech giant also disabled every iPhone installed app from the said developer making it impossible for them to run offline.
How can iPhone users avoid danger?
The Apple-signed enterprise certificates are intended to be used under the tech giant's rules. However, the iOS version of Exodus is a clear manifestation that the certificates can be abused and that iOS users are not immune to danger.
Sticking to Apple's official app store remains to be the safest move for iPhone users to do to avoid the powerful spyware attacks such as the Exodus. Apple's strict app store check gives the assurance that no surveillance spyware invades iOS.
