APPLE'S ENTERPRISE CERTIFICATE has been abused once again, with data-sucking spyware sneaking onto iOS devices via a business-centric loophole.
Researchers from cybersecurity firm Lookout discovered an app called 'Assistenza SIM' that abused the enterprise certificate so it could be installed onto iPhones and iPads without needing to go through the heavily-policed App Store.
While Assistenza SIM promised to act as a helpline for users to contact their mobile carriers in Italy and Turkmenistan, it was really spyware in disguise developed by spyware developer Connexxa.
Once on an iOS device, the spyware could gobble up contact details, photos, videos, users' real-time location and even audio recordings from the infected iThing.
Normally, Apple guards the gates to iOS very carefully. But its Enterprise Certificate programme allows developers to distribute custom in-house apps around a company without needing to go through the App Store. This arguably helps make iPhones and iPads even more business-centric gadgets, but the programme can be abused with enterprise apps pushed out to consumers, rather than kept for a company's sole internal use.
While Apple yanked the offending app's enterprise certificate, which stopped it from running, this does highlight that the firm may need to better police how it divvies out such certificates to developers that might not be as keen on producing legit apps as they say they are.
Then again, this is not the first time spyware seemingly connected to Connexxa has cropped up. On Android the spyware came in the form of malicious code dubbed Exodus, which was developed by a company called eSurv, whose CEO is also the founder of Connexxa.
On Android the spyware got into the Google Play Store by hiding behind legitimate-sounding apps, one of which was called Assistenza Linea... sounds familiar, almost too familiar to be a coincidence.
Regardless of the origins, the whole shebang highlights how surreptitious spyware and its developers can be and that there may need to be greater levels of security around both Android and iOS app development to keep digital nasties at bay. µ