Spyware app abused iOS enterprise certificate to track targets

Another app has abused the iOS enterprise certificate in order to bypass Apple’s App Store rules, security researchers at Lookout announced on Monday. The app is called Assistenza SIM and it could steal a user’s contacts, videos, photos, and real-time location data, as reported by TechCrunch. It could also tap people’s phone calls remotely.

After researchers contacted Apple, the company revoked the app’s enterprise certificate, making it impossible to install it on an iOS device. The enterprise certificate allowed the Assistenza app to bypass Apple certification and stay accessible for downloads through phishing sites outside the App Store.

An earlier version of the spyware app was discovered on Android last year. The Android version…

Continue reading…

from The Verge – All Posts http://bit.ly/2I9hVmf
via IFTTT