“The spy app, found by researchers at mobile security firm Lookout, said its developer abused their Apple-issued enterprise certificates to bypass the tech giant’s app store to infect unsuspecting victims,” Whittaker reports. “Researchers linked the app to the makers of a previously discovered Android app, developed by the same Italian surveillance app maker Connexxa, known to be in use by the Italian authorities.”
“The Android app, dubbed Exodus, ensnared hundreds of victims — either by installing it or having it installed. Exodus had a larger feature set and expanded spying capabilities by downloading an additional exploit designed to gain root access to the device, giving the app near complete access to a device’s data, including emails, cellular data, Wi-Fi passwords and more, according to Security Without Borders,” Whittaker reports. “Although the Android version was downloadable directly from Google’s app store, the iOS version was not widely distributed. Instead, Connexxa signed the app with an enterprise certificate issued to the developer by Apple, said Bauer, allowing the surveillance app maker to bypass Apple’s strict app store checks.”
Read more in the full article here.
MacDailyNews Take: “After researchers disclosed their findings, Apple revoked the app maker’s enterprise certificate, knocking every installed app offline and unable to run,” Whittker reports.
The best Google could manage was to take down the Google Play Store pages that they knew about.