LifeLine Your Tech Team wants to alert customers to a new potential source of Internet connected cell phone damage: the Exodus program. Cell phones have grown more complex during recent years. The potential has increased for hackers and spyware creators to target these widely used electronic devices.

The problem of malware infecting cell phones poses potential privacy concerns for phone users. It also requires companies providing cell phone repair services to remain vigilant to correct any problems caused by infected apps. Phone users sometimes unintentionally deploy the spyware on their own devices without realizing an app contains hidden spyware code.

Exodus Spyware

In March, cybersecurity researchers based in Europe reported discovering Android spyware named “Exodus” concealed inside an application distributed through the Google Play Store.(1) They subsequently located the same malicious code in some 24 additional Android apps.(2) This situation has raised concerns among Android phone users.

This month, another security firm found a slightly different variation of the same spyware in iOS apps which had not yet been released through the Apple App Store.(1) The company later learned phishing sites had distributed the iOS version carrying enterprise certificates signed by Apple, which could result in people installing the spyware outside the Apple App Store. (Apple later revoked the certificates.)

Protecting Your Phone

Security experts recommend the public take these steps to protect their Internet-connected cell phones:

  • Purchase wireless malware protection from cell phone carriers;
  • Obtain timely operating system updates;
  • Seek qualified repair services if you suspect Exodus has already infected your device.

Invading The Privacy of Phones Users

Exodus primarily poses personal privacy and security concerns. The code enables hackers to seize control of a phone. The attackers possess the capability to determine the location of the device (potentially allowing them to track phone users). They may also peruse stored contacts, videos, and photos, or use the phone for surveillance purposes as a listening device. The iOS version reportedly facilitates some data thefts, also.(1)

Initial reports suggest the code originated as a tool to assist Italian law enforcement agencies. An IT company named Connexxa reportedly helped develop the application to aid police over the course of a five year span of time.(1) It remains unclear how many downloads of both versions of the spyware occurred, since phishing sites operate clandestinely.