Wednesday January 29, 2020
Home Lead Story Tech Giant Ap...

Tech Giant Apple Suspends Another Spyware app From App Store: Report

Google was also found to have been running a similar programme and in response, Apple briefly revoked the certificate used by Google and Facebook to push updates on their apps

0
//
Apple, women
The Apple logo is shown outside the company's Worldwide Developers Conference in San Francisco, California. VOA

Immediately after spyware-maker Connexxa’s infamous app “Assistenza SIM” was caught abusing the iOS enterprise certificate to bypass Apples App Store guidelines, the iPhone-maker revoked its enterprise certificate, making it un-installable on iOS devices.

Security researchers at the US-based IT security company, Lookout, revealed that the app could steal contacts, videos, photos, real-time location data from users’ devices and tap their phone calls as well, The Verge reported on Monday.

The iOS enterprise certificate, that is meant “solely for the internal distribution of apps within an organisation” otherwise, allowed the “Assistenza” app to bypass the Apple certification and stay accessible for downloads through phishing sites outside the App Store.

Details on exactly how many users were targeted by the app and how much information was accessed remain undisclosed.

In 2018, the app was discovered on Android with root access to the smartphones of several users.

Apple, Campus, China
A customer is entering the Apple store in Fairfax, Virginia. VOA

Before the app was brought into Google’s notice and removed from PlayStore, the spyware developers could read Wi-Fi passwords, emails as well as data from apps like Facebook, Gmail, WhatsApp, Viber and WeChat.

All this time, the developers have been disguising the app to pretend to be the carrier of helpline apps from Italian and Turkmenistani mobile operators, which could help users get in touch with them.

Raising questions on Apple’s pride over its security measures and App Store policies, a bunch illicit apps that use enterprise certificates offer pirated content, porn, gambling and all kinds of materials.

Also Read- Revitalizing North Korea Talks With U.S. After Failed Hanoi Summit

Recently, Facebook gathered Apple’s attention when it began paying people to install a “Facebook Research” Virtual Private Network, which collected the user’s private phone and web data without their consent.

Google was also found to have been running a similar programme and in response, Apple briefly revoked the certificate used by Google and Facebook to push updates on their apps, the report added. (IANS)

Next Story

Social Networking Giant Facebook Blames Apple iOS for Bezos’ Phone Hacking

WhatsApp provides end-to-end encryption by default, which means only the sender and recipient can view the messages

0
Social Media, Facebook, Authenticity, Posts
The social media application, Facebook is displayed on Apple's App Store, July 30, 2019. VOA

Facebook has blamed Apple’s operating system for the hacking of Amazon Founder and CEO Jeff Bezos’ phone, saying WhatsApp’s end-to-end encryption is unhackable.

Investigators believe that Bezos’s iPhone was compromised after he received a 4.4MB video file containing malware via WhatsApp – in the same way when phones of 1,400 select journalists and human rights activists were broken into by Pegasus software from Israel-based NSO Group last year.

In an interview to the BBC last week, Facebook’s Vice President of Global Affairs and Communications, Nick Clegg, said it wasn’t WhatsApp’s fault because end-to-end encryption is unhackable and blamed Apple’s operating system for Bezos’ episode.

“It sounds like something on the, you know, what they call the operate, operated on the phone itself. It can’t have been anything on the, when the message was sent, in transit, because that’s end-to-end encrypted on WhatsApp,” Clegg told the show host.

Clegg compared the hack to opening a malicious email, saying that “it only comes to life when you open it”.

According to a report from FTI Consulting, a firm that has investigated Bezos’ phone, after that the video file was received, Bezos’ phone started sending unusually large amounts of outbound data, including his intimate messages with his girlfriend Lauren Sanchez.

Jeff Bezos
Jeff Bezos, Amazon founder and owner of Blue Origin. (Wikimedia commons)

According to Clegg, “something” must have affected the phone’s operating system.

“As sure as you can be that the technology of end-to-end encryption cannot, other than unless you have handset, or you have the message at either end, cannot be hacked into,” he was quoted as saying.

Apple was yet to comment on Facebook’s statement.

The NSO Group has denied it was part of Bezos’ hacking.

Also Read: Here Are Some Life Lessons That We Can Learn From Freedom Fighters this Republic Day

WhatsApp provides end-to-end encryption by default, which means only the sender and recipient can view the messages. But the piece of NSO Group software exploited WhatsApp’s video calling system by installing the spyware via missed calls to snoop on the selected users.

According to leading tech policy and media consultant Prasanto K. Roy, end-to-end encrypted apps (E2EE) do provide security, and messages or calls cannot be intercepted and decrypted en route without enormous computing resources.

“But once anyone can get to your handset, whether a human or a piece of software, the encryption doesn’t matter anymore. Because on your handset, it’s all decrypted,” Roy told IANS recently. (IANS)