According to a report in TechWeek Europe, researchers have found that spying programs like SpyEra, SpyBubble and StealthGenie are used by attackers much more heavily on devices running iOS. In two samplings of infected devices, Israeli mobile security company Lacoon found that significantly more iOS devices were being targeted over other mobile operating systems (74 % in one sampling and 52 % in a second sampling).
Attackers are, of course, taking advantage of the relative popularity of Apple devices, and are using the spying programs in highly targeted attacks — for example, against business executives — “to watch over personal and business data, letting the attackers view all the victim’s emails, text messages and geo-location information.”
The catch for these spying programs (marketed and sold legally as methods for companies to monitor employees or for parents to keeps tabs on children, for example) is that they require physical access to the device, and in fact, require jailbreaking the device to allow the software to be uploaded:
According to Ohad Bobrov, CTO and co-founder of Lacoon Security, a trained individual can jailbreak a device and upload malware to an iPhone in “about the time the device’s owner leaves their phone on the table to grab a cup of coffee”.
Once the device has been compromised, the malware is very effectively hidden from the victim, which is what makes it such a dangerous exploit. For motivated individuals who are involved in cyberespionage, it could be a powerful tool.
Perhaps aware of this trend of cybercriminals trying to take advantage of mobile security issues, Apple has recently filed an interesting patent — an anti-theft feature based on motion sensors. According to the Apple Insider, the new patent application “calls for the use of a portable device’s accelerometer, in cooperation with a specialized controller, to detect whether a ‘theft condition is present’ and sound an alarm.” This follows a patent filed in October by Apple for methods to detect unauthorized users (in the event the device is lost or stolen), including heartbeat monitoring (!), matching voice recordings, or taking a picture of the user and sending such collected information to the authorized account. More mundane detection methods include incorrectly entered passwords, attempts to jailbreak the device, or removing a SIM card.