We are excited to bring Transform 2022 back in-person July 19 and virtually July 20 - 28. Join AI and data leaders for insightful talks and exciting networking opportunities. Register today!

Reports have surfaced today that a new type of spyware is in the wild and targeting iOS devices. The spyware is part of a malware campaign security industry people are calling “Operation Pawn Storm.”

The spyware is actually an app — the security firm Trend Micro has dubbed the app XAgent — that attempts to install and run on iOS devices.

Once installed, the malicious application can collect text messages, contact lists, pictures, geolocation data, and information from installed apps on an iOS device. It reports the data back to a control server. It can also collect the user’s Wi-Fi status. The most vulnerable devices are iPhones — even if the user hasn’t degraded security by jailbreaking it.

XAgent can use Apple’s ad hoc provisioning system —  a feature used by enterprises to distribute apps to small groups of users — to install itself on the target’s phone.


Transform 2022

Join us at the leading event on applied AI for enterprise business and technology decision makers in-person July 19 and virtually from July 20-28.

Register Here

Fortunately, for iOS 8 devices, the user will see multiple notifications that the phone is trying to install an app. And it can’t run without the user launching. On a device running iOS 7, XAgent could install itself, and it does not show up as an app icon on the interface.

“The good thing for users is that this isn’t something that can be automatically done,” Trend Micro executive Jon Clay told Macworld. “There are steps you have to do as a user to install this.”

In iOS 8 the user must launch the XAgent app before it can do any damage.

VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn more about membership.