Apple gets Exodus spyware
Old 10th April 2019, 10:02   #1
Stefan Mileschin Freshly Registered

Following Android again

When the surveillance tool dubbed "Exodus" started appearing on Android, the Tame Apple Press made a big thing about how its favourite operating system was safe.

The spyware "can exfiltrate contacts, take audio recordings and photos, track location data and more on mobile devices" so it is pretty nasty. Google booted a raft of Exodus-laden apps last month.

Now it turns out that iOS versions are available, admittedly outside the App Store, through phishing sites that imitate Italian and Turkmenistani mobile carriers.

To make matters worse for Apple, the designers of the software abused the Apple Developer Enterprise programme.

According to Security Without Borders, the spyware appears to have been under development for at least five years. It's a three-stage affair, starting with a lightweight dropper that then fetches a large second-stage payload that contains multiple binaries with most of the spy goods housed within them. Finally, a third stage typically uses the Dirty COW exploit (CVE-2016-5195) to obtain root privileges on a targeted device.

In delving into the technical details, Lookout saw evidence of a fairly sophisticated operation, suggesting that it may have been initially marketed as a legitimate package for the government or law-enforcement sectors.

The cybercriminals used Apple's enterprise provisioning system, which allowed them to sign the apps using legitimate Apple certificates. The iOS version of the software is not as well written as the Android version. It lacks the ability to exploit device vulnerabilities.

But it could still use documented APIs to exfiltrate contacts, photos, videos and user-recorded audio recordings, device information and location data; and, it offered a way to perform remote audio recording, though this required push notifications and user interaction.

Apple has revoked the affected certificates for these apps.

https://fudzilla.com/news/mobile/484...exodus-spyware