Researchers have found the iOS version of the Exodus Android spyware that was discovered in the Google Play Store earlier this year.
Security researchers discover iOS version of Exodus Android spyware.
— Catalin Cimpanu (@campuscodi) April 8, 2019
Earlier this year, Exodus has been found in more than 20 apps on Google Play Store. The malware is believed to have been developed by the Italian firm eSurv, which has commercial connections to the Italian government.
Jake Moore, Cyber Security Specialist at ESET:
“It’s rare for hackers to break into Apple’s locked down ecosystem. The myth has long been that Apple devices are impenetrable, but this just goes to show that it is worth staying vigilant however secure you think your device is.
Apple eventually revoked the certificates but it is always a good idea to read reviews of apps online to check their authenticity and remove any apps you don’t require.”
Will LaSala, Director of Security Solutions, Security Evangelist at OneSpan:
“This underscores that relying on Google or Apple to detect malicious apps is not a safe idea. Customers should look to protect their own apps with app shielding rather than look towards the platform vendors for increased security. Platform vendors tend to error on the side of convenience rather than security. As such, app developers and companies deploying apps really need to take security into their own hands to ensure their users are protected.”