Malware Out to Take Over Apple: iOS Users Targeted by New Espionage Campaign
For the longest time, Apple product users have enjoyed security more than any other users of different operating systems. The company has prided itself for having seemingly invincible devices and systems that detect and keep away cyber criminals.
However, a new malware campaign has been discovered to be targeting iOS devices. The malware has been found to be linked to various parties such as governments, media sectors, and European defence organizations.
The said malicious spyware is feared to have the capacity to breach devices which have not been jail-broken.
The newest spyware to have littered the track record of iOS has been dubbed as Operation Pawn Storm. The security experts confirmed that the same espionage spyware has been detected to target Windows devices in the previous year. However, it has now crawled its way into targeted iOS gadgets. The researchers working on the security issue were from the TrendLabs IT and security firm.
The XAGENT Spyware App
The malware detected has two spywares to be exact. One of these is in fact an application. The same security researchers have named the app as XAgent. This is the same campaign which endeavours to install and control the iOS devices.
The researchers further noted that the same app is a completely functional malware. The exact methods by which the malware is installed is not yet known. However, the security team noted that the iOS devices which are vulnerable are those that are not jail-broken. The researchers have also witnessed one instance wherein the malware popped a message asking the user to tap the device to install the Application.
Once the unsuspecting falls victim to this bogus message, it will take them to a fake website. The same site distributes the spyware through the Apple Company’s ad-hoc provisioning feature. The said feature intends for developers and enterprises to disseminate their apps to a small group of users which will allow the users to sidestep the App Store.
What does the XAgent Collects?
After the users have installed the spyware XAgent, it will have the capability to collect contact lists, photos, text messages, geolocation details, and other information obtained from existing apps and WiFi status.
All these details are accumulated and sent back to the servers run by hackers. The spyware is also equipped with the capacity to turn on the device’s microphone and record everything it can detect.
The MadCap Gaming Spyware
Another spyware included in the campaign is called MadCap. It is disguised as a gaming application but is really a part of the Operation Pawn Storm. The spyware focuses on recording audio information. It functions similarly to XAgent. However, the spyware can breach into jail-broken iOS devices.
The researchers noted that the iOS malware apps are being constantly updated and maintained by the attackers.