While Android phones are constantly targeted by cybercriminals, the iPhone is considered more secure. Now, leaked documents from one of the world's leading surveillance companies have reaffirmed the idea.
As spotted by the Washington Post, a leaked document from Gamma Group, a secretive seller of surveillance tools, emerged on the Internet last week. Hosted on Netzpolitik, the document (.PDF) reveals interesting information concerning Gamma Groups' extensive range of surveillance tools, but in particular, notes that the iPhone is notoriously difficult to infiltrate -- the only exception being when a user has jailbroken their device.
A particular piece of software is called FinSpy. According to Gamma Groups' FinSpy software specifications hosted by Wikileaks, the spyware can be used to monitor Skype conversations, take screenshots and photos using a device's camera, record microphone use, emails, voice-over-IP and extract files from hard discs. FinSpy can be controlled remotely as soon as the compromised device is connected to the Internet.
According to the latest Gamma Group document leak, while FinSpy has the capabilities to infiltrate Android, Blackberry, and older Microsoft handsets, iPhones are out of reach unless the device's core security protocols have changed through jailbreaking.
Dated April 2014, the document states that the spyware "is designed to help law enforcement and intelligence agencies to remotely monitor mobile phones and tablet devices," and get full access to calls, SMS, MMS, address books and make silent calls to remotely listen to microphones. If a user of FinSpy wishes to infiltrate a phone, the support details are as below:
An iPhone user can jailbreak their device using a number of free tools, and by doing so, they gain root access which the iOS operating system does not allow by default. Doing so allows for unsigned apps to run and heavy customisation of the OS -- something Android allows as an open-source, free ecosystem -- but if unsigned code is permitted to run, then this provides a channel for tools such as FinSpy to enter.
Last year, researchers from The Citizen Lab said the spyware had been discovered in use by 25 countries, including being linked to the monitoring of dissidents in Bahrain. While developed by Gamma Group in Munich, Germany and sold through a UK subsidiary as a law enforcement tool, it is also believed to be used to target opposition groups and activists by governments worldwide.