US DOJ fines StealthGenie for selling Android, iOS spyware, demands source code

article thumbnail

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content.

The United States Department of Justice has fined the CEO of spyware vendor StealthGenie $500,000 and demanded the firm turn over the source code for software designed to remotely monitor calls, texts and other activity on Android and jailbroken iOS devices.

In a statement, Assistant Attorney General Caldwell of the Justice Department's Criminal Division wrote, "Spyware is an electronic eavesdropping tool that secretly and illegally invades individual privacy," adding, "Make no mistake: selling spyware is a federal crime, and the Criminal Division will make a federal case out if it.

"Today's guilty plea by a creator of the StealthGenie spyware is another demonstration of our commitment to prosecuting those who would invade personal privacy."

The announcement stated that the StealthGenie spyware "could be installed on a variety of different brands of mobile phones, including Apple's iPhone, Google's Android, and Blackberry Limited's Blackberry. Once installed, it could intercept all conversations and text messages sent using the phone. The app was undetectable by most users and was advertised as being untraceable."If your iPhone has never been jailbroken before then you are safe

Hammad Akbar, a 31 year old Danish citizen, plead guilty to developing and marketing the spyware tool, and was sentenced to time served, a $500,000 fine and "was also ordered to forfeit the source code for StealthGenie to the government."

While the government announcement didn't detail how StealthGenie worked, other reports on the web indicated that the spyware required manual installation on Android phones to allow the installation of a background listening service named "device.service."

On iOS phones and tablets, the device must be jailbroken first, as an installation video (below) detailed. "If your iPhone has never been jailbroken before then you are safe," a report by Flexispy stated in its removal instructions.

If the app were installed on a jailbroken iOS device, it would show up in the Cydia app installed as "Mobile Developer http://cpios.net."

StealthGenie was sold between 2012 and the end of September 2014, targeting iOS 4 through iOS 7.1.2; two months ago, the software was taken off the market during the government's investigation.

In August, details leaked of another spyware package named FinSpy, marketed for use by law enforcement and government agencies. It too required a jailbroken iOS device to work, but could attack any Android version up to then latest 4.4 KitKat as well as Blackberry, Symbian and older Windows Mobile devices.

While Apple's iOS is not impossible to exploit, users are protected by the company's strong security policy that blocks third party app distribution, piracy and malware. Two recent Trojan Horse malware exploits, WireLurker and Masque Attack both similarly required users to disable Apple's built in security systems on iOS or OS X in order to install them.

Android is the favored platform of Al-Qaeda, making it obvious why government surveillance teams seek to target the platform. However, the ease in exploiting Android is also directly related to severe security lapses Google has made in designing its mobile platform.

Outside of Samsung, the majority of Android devices now shipping are low end products from smaller vendors that have no qualms about blocking Google's security features, installing malware and backdoors or simply selling products with outdated software that is vulnerable to exploit.

Every discounted Android tablet of the dozen purchased from major retailers and tested by Bluebox Labs this month was found to have wide-open vulnerabilities that would enable spyware vendors or government agencies to exploit them for remote monitoring.

Easy to use Android "RAT" (Remote Administration Tool) packages are commonly sold for at little as $300 to allow anyone to monitor large groups of Android users.