Researchers at security firm Lookout recently discovered an iOS version of Exodus, spyware that typically targets Android devices. Before you go wiping your iPhone to ensure you aren’t being spied on, it’s worth noting that the iOS version of the malware has only been found in third-party app marketplaces and hasn’t made its way into the walled garden that is Apple’s official App Store.
According to Lookout, Exodus for iOS was found on a number of phishing sites that were designed to trick customers of mobile carriers in Italy and Turkmenistan. The spyware was determined to be a stripped-down port of the Android version. If installed on a device, the malicious software could steal contacts, photos, videos and audio recordings, GPS information and device location data. An attacker could also use the app to perform on-demand audio recordings. The iOS variant of Exodus uploaded the stolen information to the same server as the Android malware, suggesting a direct connection between the attacks.
The Exodus attack initially used enterprise certificates signed by Apple, which made it possible for victims to install the app on their device despite downloading it outside of the App Store. Apple has since revoked those certificates, meaning the attack has largely been squashed. Still, it’s a good reminder that iOS devices aren’t immune to attacks. It’s best to stick to Apple’s official App Store to avoid falling victim to spyware.