Lookout security company, in her research, has detected powerful spyware software that targeted iPhone users. The application “disguises” as a provider’s application and can secretly record conversations, photos, videos, contacts, and the live user’s live site. It can also be turned off remotely to listen to user conversations. Though there are no signs of what the spyware targets were.
Spyware software was originally developed as an Android application named Exodus, but it also found its way into the iPhone. The developer has managed to pass Apple’s control, using corporate certificates that exist for applications distributed internally to various companies and are not intended to be released to the general public.
Such incidents are not isolated, as TechCrunch had discovered a few applications exploiting such certificates a few months ago to circumvent Apple’s rigorous rules on publishing new applications.
Finally, Lookout officially published its findings and Apple immediately revoked the application creator’s certificate and removed it from the App Store as well as disabling any application installed using this certificate.