Meet The Mobile Spyware That Can Take Over Your iPhone And Track Your Every Move

Meet The Mobile Spyware That Can Take Over Your iPhone And Track Your Every Move

Think iPhone spyware is a myth? Think again.

Apple’s strict approach to iOS software means that spyware very rarely makes its way onto our iPhones or iPads. But that doesn’t mean we aren’t at risk. A piece of mobile spyware called FinFisher, developed by U.K.-based Gamma Group, is capable of making its way onto your iPhone and recording your every move without you knowing it.

The software can secretly turn on your handset’s microphone to listen to your conversations, it can track your location, and even monitor your emails, text messages, and calls.

A group of researchers from the University of Toronto Munk School of Global Affairs’ Citizen Lab have been investigating the FinFisher software, which has previously been used by malware activists in Bahrain to infect personal computers. But it’s also available for mobile devices as FinSpy Mobile.

According to Gamma, the spyware’s creator, it is specifically designed for law enforcement and government use, and it enables agencies to keep track of criminals and monitor their every move. The problem is, sometimes the software finds its way into the wrong hands, and innocent people have their privacy invaded.

John Scott-Railton, a doctoral student at the UCLA Luskin School of Public Affairs, told Bloomberg: “People are walking around with tools for surveillance in their pockets. These are the tools that can be used to turn on your microphone and turn your phone into a tracking device.”

FinSpy Mobile makes its way onto your iPhone in one of two ways. You can be tricked into installing it by a malicious link in what looks like an innocent text message or email, or by a hacker that physically gains access to your device.

Of course, the first scenario is more likely, though it’s unclear how the software installs itself with Apple’s restrictions. The researchers report that Gamma uses an Apple developer certificate to make the software look like a trusted program. However, Gamma insists this is just for research purposes.

And if you think you’re safe because you’ve got an Android handset, think again. The software is also available for Google’s platform, as well as Windows Phone, BlackBerry, and even the Symbian operating system powering some Nokia devices. The study insists that the software does not take advantage of any vulnerability in the device or its operating system.

Once your handset is infected, it can be remotely controlled and monitored from anywhere in the world, according to a FinSpy brochure published by WikiLeaks.

It’s a scary thought. The good news is, it’s not easy to obtain Gamma’s FinFisher or FinSpy Mobile software. The company maintains that it only provides it to law enforcement and government agencies.

Apple and Google have declined to comment on the study, while Microsoft said: “We strongly encourage Windows Mobile owners to avoid clicking on or otherwise downloading software or links from unknown sources, including text messages.”

Canadian BlackBerry maker Research in Motion gave a similar response: “BlackBerry smartphones give customers control over what can be installed on the device in addition to prompting users to grant permissions to third-party applications. We recommend customers only download applications from trusted sources to help protect against potentially malicious software.”

Related
  • Tallest_Skil

    You can be tricked into installing it by a malicious link

    Quick question: how? Since the only way to do that is the App Store, it’ll be taken down, the authors banned permanently, and police knocking on their door when Apple finds out.

  • technochick
    You can be tricked into installing it by a malicious link

    Quick question: how? Since the only way to do that is the App Store, it’ll be taken down, the authors banned permanently, and police knocking on their door when Apple finds out.

    Probably uses the same tricks that let companies have their own internal stores for their own apps. Remember this is a legit and likely approved software. It is only marketed to law enforcement etc. This bit of typical from CoM FUD references the notion of someone lying to buy a company or stealing it from work.

  • Uncl3Ric0

    It’s all digital. Nothing is safe – why do you think the mob does not use smartphones? If you feel safe and secure, it’s a false sense. Trust no one or no thing, or accept the fact that the snoopers will snoop – and there is nothing you can do about it.

  • robert_walter

    Interesting article, but for me it is missing:
    a) how to detect if such malware is on one’s phone, and
    b) how one removes the malware once they have detected it…

  • Brian Whitney

    This whole article is just shock-based hit gathering. “Meet The Mobile Spyware That Can Take Over Your iPhone And Track Your Every Move” … The Software isn’t in the App Store, there’s no sign of it even existing for iOS, the ONLY way to get ANY App onto an iPhone that isn’t OK’d by Apple is through the Developer program (which has to be less than 1% of all iPhones)… But don’t let the facts stop you from posting a headline that sounds like it’s already downloaded onto all our iPhones. This article is bad and you should feel bad for publishing it.

  • Brian Whitney
    Interesting article, but for me it is missing:
    a) how to detect if such malware is on one’s phone, and
    b) how one removes the malware once they have detected it…

    There is no way for a piece of software to run in the background on your phone (remember all the ‘no multitasking? boo-boo’ from a few years ago), and if you want to delete a piece of software on an iPhone, you already know how.

About the author

Killian BellKillian Bell is a staff writer based in the U.K. He has an interest in all things tech and also covers Android over at CultofAndroid.com. You can follow him on Twitter via @killianbell.

(sorry, you need Javascript to see this e-mail address)| Read more posts by .

Posted in News, Top stories | Tagged: , , , , , , , , , , , , , , , |