Several security vendors have discovered that spyware is hiding in applications hosted on Google Play and the Apple Store. The problem is that the publisher of spyware works for the Italian authorities.
Developed by the Italian publisher Connexxa, the Exodus application created the controversy, 10 days ago, after the discovery of Security Without Borders security experts. They had discovered a software spy hiding in an application Android for customers of a provider of access to internet Italian.
Back in the wire, these experts discovered that about twenty applications were infected, and more importantly, this spyware was developed by a publisher of surveillance tools for.
The Italian authorities who used it as a spy! What a blatant suspicion of state espionage, especially as this spyware was able to recover SMS, conversations on Facebook and Whatsapp, emails, or start the audio recording and access to GPS data and the address book. Except that it is simply a malicious use of this surveillance software intended, initially, for the justice and the Italian police.
A fake application related to a real ISP
Google immediately responded by removing the infected applications, and the victims are thousands because Exodus has existed for several years! The bad news is that Lookout, another security specialist, discovered that spyware was also present on iOS.
Its variant was less dangerous but the mechanism was the same since Exodus took the form of a false application linked to an ISP.
A bit like SFR & Moi or Freebox in France, except that it was to encourage users to install an application related to technical support. This time, the trap was hidden in a web page opened from a mobile. Clearly, Exodus is not present on theStore, but there are traces in applications.
Like Google, Apple immediately removed the infected apps, but the method used by hackers confirms that there is a flaw that combines phishing and spyware to trap users and push them to install malicious applications.