Who’s on the phone dear? Malware?

It seems like there is to be no let up in the attacks on smart phones with the numbers of threats against devices increasing by the month. Now, the computer security business Trend Micro has announced that it has uncovered a mobile malware that is part of a wider strategy that is designed to infect as many non high profile users as possible in the shortest space of time. The spyware in question is called Xagent and the intention behind it is that, once it has infected as many low profile users as possible, it will then be pushed to higher profile targets, such as those within media, government and military.

Unfortunately this iOS app is incredibly versatile and can target both jailbroken and non-jailbroken devices. It works its way into the device via a link that is sent by text, email or picked up via a website and is then clicked on by the user. Clicking on the link installs the malware in the device and it will then run invisibly in iOS 7 permanently. In iOS 8 the app has a visible icon that will appear on the device and essentially warns a user – this is an indication that the criminals behind the app have not been able to get past Apple’s latest security measures, which can only be a good thing.

Because the app is signed with the iOS Developer Enterprise Program certificate (this is a program specifically for developing corporate and business in house apps) it cannot be distributed via the App Store, which is why the text, email and web links are being used. However, remember that the iOS system has two inbuilt warnings when you’re installing something that hasn’t come from the App Store so, as long as you’re not the kind of person who just automatically clicks ‘ok’ to everything without reading the warnings (which is what the hackers are relying on) then you have a fighting chance of avoiding this. And it really is worth avoiding this malware as once inside your device it will help itself to contacts, photos, text content and your location – be vigilant and help keep the hackers at bay.