Security researchers at Lookout have discovered Android and iOS versions of the dangerous Exodus spyware being distributed through various channels.
Exodus is a spyware platform which has previously been distributed to Android devices through several apps on the Google Play Store.
Once installed, the software collects data such as photos, browsing history, call logs, and conversations, and can even take pictures with the infected device’s camera or record sound with its microphone.
Google has since removed the infected applications from its Play Store, but the spyware has also been ported to iOS.
While Exodus was not distributed through the Apple Store, it is available for download from various third-party websites, where it masquerades as various carrier-specific support applications.
Deployment to users outside Apple’s app store was made possible through abuse of Apple’s enterprise provisioning system, Lookout stated.
This system is intended to allow organizations to distribute proprietary, in-house apps to their employees without needing to use the iOS App Store.
“Lookout has shared information about this family with Apple, and they have revoked the affected certificates,” Lookout said.
“As a result, no new instances of this app can be installed on iOS devices and existing installations can no longer be run.”