Missed the GamesBeat Summit excitement? Don't worry! Tune in now to catch all of the live and virtual sessions here.

Reports have surfaced today that a new type of spyware is in the wild and targeting iOS devices. The spyware is part of a malware campaign security industry people are calling “Operation Pawn Storm.”

The spyware is actually an app — the security firm Trend Micro has dubbed the app XAgent — that attempts to install and run on iOS devices.

Once installed, the malicious application can collect text messages, contact lists, pictures, geolocation data, and information from installed apps on an iOS device. It reports the data back to a control server. It can also collect the user’s Wi-Fi status. The most vulnerable devices are iPhones — even if the user hasn’t degraded security by jailbreaking it.

XAgent can use Apple’s ad hoc provisioning system —  a feature used by enterprises to distribute apps to small groups of users — to install itself on the target’s phone.


Transform 2023

Join us in San Francisco on July 11-12, where top executives will share how they have integrated and optimized AI investments for success and avoided common pitfalls.


Register Now

Fortunately, for iOS 8 devices, the user will see multiple notifications that the phone is trying to install an app. And it can’t run without the user launching. On a device running iOS 7, XAgent could install itself, and it does not show up as an app icon on the interface.

“The good thing for users is that this isn’t something that can be automatically done,” Trend Micro executive Jon Clay told Macworld. “There are steps you have to do as a user to install this.”

In iOS 8 the user must launch the XAgent app before it can do any damage.

VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.