iOS has always been more secure than Android, and new information that’s leaked out of one of the world’s leading surveillance companies reiterates that fact.
The Gamma Group has a piece of spyware called FinSpy that can hook into just about any Android, Blackberry, and older Microsoft phone. But it can’t touch an iPhone unless the user has changed its core security through the process of jailbreaking.
First noticed by The Washington Post, a leaked document from the Gamma Group reveals the details. Dated April 2014, the document says that FinSpy is “designed to help Law Enforcement and Intelligence Agencies to remotely monitor mobile phones and tablet devices.” Once installed, it can relay messages, phone calls, location data, contacts, and more.
In a chart showing the spyware’s support platforms, iOS is only listed as jailbroken. The process of jailbreaking through a free tool like Evasi0n gives the user root access to make filesystem changes Apple doesn’t allow in iOS otherwise. Unsigned code can then be run outside what’s in the App Store, and that’s the only way FinSpy can work.
So far, FinSpy has been used to spy on computers in the U.S., U.K., Germany, Russia, Iran, and Bahrain. The NSA recently came under fire for spying on the American public, and Apple has repeatedly denied that it’s created backdoors into its products for government surveillance.
Apple executives tout iOS’s security over other mobile platforms whenever they can. Security research consistently shows that the vast majority of mobile malware is targeted at Android.
But there’s always the chance that someone will find a way to hack into the iPhone like other platforms. Georgia Tech researchers will soon publish a study the details how to create a botnet out of iPhones. The catch is that it requires an exploit in connecting over USB to a Windows PC.