‘XAgent’ spyware can reportedly collect pictures and other data from an iPhone

iBooks icon iOS 8.1

Security on mobile devices is a big talking point as of late, and as new malicious software continues to be developed it will remain as such.

According to a report published by Macworld, and citing a report issued by security company Trend Micro, a new piece of spyware has been discovered that can infect iPhones running iOS 7 or iOS 8, whether they’re jailbroken or not. Once an iPhone is infected, according to the report, the spyware can then offload large amounts of data, including pictures, contact information and more to a remote server.

Trend Micro calls the spyware “XAgent,” and it can be delivered onto an iPhone through a phishing attack called island hopping. Essentially, as detailed by the company, this means that other devices of friends and family members are infected first, and then those are used to infect the “target device.” This is believed to be possible because an individual is more likely to open a link, even one that’s malicious, when it’s sent from a friend or family member rather than a stranger.

XAgent can also turn on the phone’s microphone, apparently, and record anything that’s within earshot.

According to Trend Micro, this spyware can run on either iOS 7 or iOS 8, however the company believes it was written before the release of iOS 8 due to the fact that the software is far more stealthy on iOS 7 than the newest version of the mobile OS. To the point, the spyware can actually hide in iOS 7 because the malicious app’s icon can be hidden, and doesn’t need to be directly activated to do damage. On iOS 8, though, the app icon cannot be hidden, and someone would have to open the app every time the phone is rebooted just to infect the device again.

We’ve been monitoring the actors behind this for quite some time,” said Jon Clay, senior manager of Global Threat communication at Trend Micro, in a phone interview. “The criminals have introduced [the iOS app] as part of their campaign to move further into the [targeted] organization, using this rather than PC malware.

Trend Micro has issued the same security statement regarding this type of software, telling iPhone owners to never click on links that they are not absolutely sure of, or download anything onto their device that isn’t directly available through the App Store. (It is not said in the original article how a non-jailbroken device can download this malicious app, seeing as the App Store is a necessary step to download an app to a non-jailbroken iPhone.)

[via Macworld]