Be aware: Exodus spyware in the wild, claiming to be a legitimate iOS app

Dubbed Exodus, offered on third-party sites to target iPhone and iPad users

Cybersecurity experts from Lookout have recently reported that a spyware app, dubbed Exodus, is targeting Apple iOS users. The app, named “Assistenza SIM”, was available outside the official App Store and abused enterprise certificates so that it could be installed on iPhones and iPads.

The malicious app claims to act as a helpline for users to contact their mobile carriers in Italy and Turkmenistan. However, it has the Exodus spyware disguised inside it, and once installed it can steal various confidential and sensitive details, including contacts, photos, videos, audio recordings, GPS information and device location.

Apple provides the App Store as the place for customers to download software, so third-party software from outside it would not normally be given an opportunity, or even be expected, to be installed on the device. However, the infection happened, and what helped the cyber criminals most was their access to the “Apple Developer Enterprise Program”.
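Because the app relied on an enterprise certificate to install outside the App Store, one defender-side check is to inspect the provisioning profile embedded in a suspect IPA. The following is an added example, not code from Lookout or from this article; the sample profile, team name and function names are constructed, and the classification is a heuristic based on the `ProvisionsAllDevices` and `ProvisionedDevices` profile keys.

```python
import plistlib
from datetime import datetime

def extract_profile(blob: bytes) -> dict:
    """Pull the XML plist out of a CMS-wrapped embedded.mobileprovision.
    Triage only: this does NOT verify the CMS signature."""
    start = blob.find(b"<?xml")
    end = blob.find(b"</plist>", start)
    if start < 0 or end < 0:
        raise ValueError("no embedded plist found")
    return plistlib.loads(blob[start:end + len(b"</plist>")])

def classify(profile: dict) -> str:
    """Heuristic: how was this build meant to be distributed?"""
    if profile.get("ProvisionsAllDevices") is True:
        return "enterprise"      # in-house profile: installs on any device
    if profile.get("ProvisionedDevices"):
        ent = profile.get("Entitlements", {})
        return "development" if ent.get("get-task-allow") else "ad-hoc"
    return "app-store"

def triage(blob: bytes, now: datetime) -> dict:
    p = extract_profile(blob)
    kind = classify(p)
    exp = p.get("ExpirationDate")
    return {
        "kind": kind,
        "team": p.get("TeamName"),
        "expired": (exp < now) if exp else None,
        # An enterprise-signed app on a device that is not managed by
        # that same organisation deserves a closer look.
        "review": kind == "enterprise",
    }

# Constructed sample: fake CMS bytes around a constructed profile plist.
SAMPLE = (
    b"\x30\x80CONSTRUCTED-CMS-HEADER"
    + plistlib.dumps({
        "TeamName": "Example Holdings S.r.l.",   # constructed
        "ProvisionsAllDevices": True,
        "ExpirationDate": datetime(2020, 1, 1),
        "Entitlements": {"get-task-allow": False},
    })
    + b"CONSTRUCTED-SIGNATURE-BYTES"
)

if __name__ == "__main__":
    print(triage(SAMPLE, datetime(2019, 4, 10)))
```
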

Android version of Exodus is more dangerous

Cybersecurity experts from “Security Without Borders” first noticed the Android version of Exodus when the cyber criminals were trying to add 25 malware-laden spyware apps to the Google Play store using Exodus.

For three years, the Android version of Exodus was in development. The malware carries out the infection in three steps, the first of which is data stealing. The second and third are installing malicious packages and taking control of the entire device.

The malware collects the IMEI, the phone number and other identifying data, gaining a good deal of knowledge about the infected device. Exodus then installs numerous pieces of malware to carry out a variety of spying activities. The last and most dangerous stage, gaining control over the device, is achieved by using Dirty COW (CVE-2016-5195).

How malicious it is can be judged from just one of its features: it stays active even when the device is shut down. Once the stages are finished, it pursues its main goal, performing as much surveillance as it can, which will definitely degrade the device's performance.

From the discussion above, it appears that the Android version of Exodus is comparatively more dangerous than the Apple version. Even so, Apple users should not take it lightly, as the threat can expose the sensitive data it collects, including contact lists, audio files, videos, photos and device-related information, to the cyber criminals through the same “CnC structure” channel as on Android. It connects to the remote server through HTTP PUT requests. Apple has, however, banned the installation of the malware-laden apps on iPhones, but it is not yet known how many devices have already been infected by the threat.