After the Exodus Spyware that hacked Apple’s Store, another app called Assistenza SIM has used iOS certificate to bypass Apple’s App Store. This app could steal your contacts, photos, videos, can see your real-time location, and it’s taping your phone as well.
Researchers from Lookout had contacted Apple about the malware, and the company has revoked the app’s enterprise certificate. After this revocation, it’s impossible to install it on your iOS device. As in Exodus case, the enterprise certificate allowed Assistenza app to bypass Apple certification and used sited outside the Apple Store for download.
However, Android devices were the first victims last year, when Assistenza gained access through Wi-Fi to hundreds of phones. After it gained access, the app relied on Wi-Fi and read passwords and users emails, data from Facebook, Viber, Gmail, WhatsApp, and WeChat. The researchers from Lookout had contacted Google last year too and removed the apps from Google’s Play Store.
Moreover, like Exodus, the app for both Android and iOS versions, hide as apps made by Italian and Turkmenistani mobile operators. Assistenza app pretended to be a carrier helpline application. The user could install the app to get in touch with operators. We are informed that the developer behind Assistenza app is Connexxa, a spyware maker.
Also, Assistenza is not the only app that tries to take advantage of Apple’s enterprise certification. The world is full of apps that offer pirated content, gambling, porn, and all kind of material that Apple wouldn’t usually allow under Apple’s Store. But buying those enterprise certificates, they could quickly enter undetected by Apple’s radar.
Thanks to Facebook that has found out about “Facebook Research” VPN, Apple’s attention was attracted. The app was getting web data from user phones. Also, Google had the same program running in its store and after that Apple revoked the certificate used by both Google and Facebook.