iOS spyware listens to conversations, steals your pics

There’s a creepy new piece of iOS malware making the rounds that can actually turn on your microphone and snoop on private conversations. And it doesn’t even require your iPhone be jailbroken to infect it.


Trend Micro refers to this threat as XAgent, and it’s part of a larger operation they call “Pawn Storm.” Why? Because the criminals controlling the malware don’t go after their intended targets immediately. They first try to infect people close to the target, turning them into pawns in their little game of chess.

It all starts with a phishing attack against a pawn. The next step relies on a technique referred to as “island hopping,” which takes advantage of the real-world trust established between a pawn and a target. You’re much more likely to open an email from your friends and colleagues than you are from some random Gmail user.

The phishing attack leads users to a link that exploits Apple’s ad hoc provisioning system, allowing the spyware to be delivered to the device without App Store intervention. Trend mentions in their post that it’s also possible that XAgent could be delivered via a USB connection — including a maliciously modified but harmless-looking charger.

Once an iPhone or iPad has been infected with XAgent, the malware starts phoning home with data. It’s capable of uploading pictures, contact lists, and location information. It can rifle through text messages and, yes, it really can eavesdrop on your conversations.

As creepy and powerful as XAgent is, it’s not something iOS users need to panic about. XAgent has to be installed manually, and while the malware can hide the app icon it creates on iOS 7 devices it can’t do that on iOS 8. Stick to charging your device with your own cord and charger and don’t install apps from outside the App Store, and you should be just fine.