US DOJ fines StealthGenie for selling Android, iOS spyware, demands source code

Posted:
in iPhone edited November 2014
The United States Department of Justice has fined the CEO of spyware vendor StealthGenie $500,000 and demanded the firm turn over the source code for software designed to remotely monitor calls, texts and other activity on Android and jailbroken iOS devices.

StealthGenie


In a statement, Assistant Attorney General Caldwell of the Justice Department's Criminal Division wrote, "Spyware is an electronic eavesdropping tool that secretly and illegally invades individual privacy," adding, "Make no mistake: selling spyware is a federal crime, and the Criminal Division will make a federal case out if it.

"Today's guilty plea by a creator of the StealthGenie spyware is another demonstration of our commitment to prosecuting those who would invade personal privacy."

The announcement stated that the StealthGenie spyware "could be installed on a variety of different brands of mobile phones, including Apple's iPhone, Google's Android, and Blackberry Limited's Blackberry. Once installed, it could intercept all conversations and text messages sent using the phone. The app was undetectable by most users and was advertised as being untraceable."If your iPhone has never been jailbroken before then you are safe

Hammad Akbar, a 31 year old Danish citizen, plead guilty to developing and marketing the spyware tool, and was sentenced to time served, a $500,000 fine and "was also ordered to forfeit the source code for StealthGenie to the government."

While the government announcement didn't detail how StealthGenie worked, other reports on the web indicated that the spyware required manual installation on Android phones to allow the installation of a background listening service named "device.service."



On iOS phones and tablets, the device must be jailbroken first, as an installation video (below) detailed. "If your iPhone has never been jailbroken before then you are safe," a report by Flexispy stated in its removal instructions.

If the app were installed on a jailbroken iOS device, it would show up in the Cydia app installed as "Mobile Developer http://cpios.net."

StealthGenie was sold between 2012 and the end of September 2014, targeting iOS 4 through iOS 7.1.2; two months ago, the software was taken off the market during the government's investigation.

In August, details leaked of another spyware package named FinSpy, marketed for use by law enforcement and government agencies. It too required a jailbroken iOS device to work, but could attack any Android version up to then latest 4.4 KitKat as well as Blackberry, Symbian and older Windows Mobile devices.

While Apple's iOS is not impossible to exploit, users are protected by the company's strong security policy that blocks third party app distribution, piracy and malware. Two recent Trojan Horse malware exploits, WireLurker and Masque Attack both similarly required users to disable Apple's built in security systems on iOS or OS X in order to install them.

Android is the favored platform of Al-Qaeda, making it obvious why government surveillance teams seek to target the platform. However, the ease in exploiting Android is also directly related to severe security lapses Google has made in designing its mobile platform.

Outside of Samsung, the majority of Android devices now shipping are low end products from smaller vendors that have no qualms about blocking Google's security features, installing malware and backdoors or simply selling products with outdated software that is vulnerable to exploit.

Every discounted Android tablet of the dozen purchased from major retailers and tested by Bluebox Labs this month was found to have wide-open vulnerabilities that would enable spyware vendors or government agencies to exploit them for remote monitoring.

Easy to use Android "RAT" (Remote Administration Tool) packages are commonly sold for at little as $300 to allow anyone to monitor large groups of Android users.
«13

Comments

  • Reply 1 of 45
    swiftswift Posts: 436member
    Hey, there, Cydia fans: want to eavesdrop on a girlfriend? Just get Stealth Genie!

    Want to learn all his passwords? Stealth Genie!

    I like the stylish video, with the music, the animation, and the semi-pro narration.
  • Reply 2 of 45

    Demands the source code so that THEY can spy on iOS and Android users.

     

    Completely psychotic.

  • Reply 3 of 45
    quinneyquinney Posts: 2,525member

    In a <a href="http://www.justice.gov/opa/pr/man-pleads-guilty-selling-stealthgenie-spyware-app-and-ordered-pay-500000-fine">statement</a>, Assistant Attorney General Caldwell of the Justice Department's Criminal Division wrote, "Spyware is an electronic eavesdropping tool that secretly and illegally invades individual privacy," adding, "Make no mistake: selling spyware is a federal crime, and the Criminal Division will make a federal case out if it.

    "Today's guilty plea by a creator of the StealthGenie spyware is another demonstration of our commitment to prosecuting those who would invade personal privacy."

    Wait a minute. I thought the position of the DOJ was that mobile devices which protect privacy caused children to die.
  • Reply 4 of 45
    Quote:

    Originally Posted by Tallest Skil View Post

     

    Demands the source code so that THEY can spy on iOS and Android users.

     

    Completely psychotic.




    Agreed.

  • Reply 5 of 45

    Leave it to DED to use this case as an opportunity to make a backhanded slam against Android. Bravo.

  • Reply 6 of 45
    Leave it to DED to use this case as an opportunity to make a backhanded slam against Android. Bravo.

    Because apparently Eric Schmidt is convinced that Android is the most secure OS on the planet and frequently says so in the media. A media so keen on sucking his gold gilded penis that no one corrects him.
  • Reply 7 of 45
    Quote:

    Originally Posted by jmncl View Post





    Because apparently Eric Schmidt is convinced that Android is the most secure OS on the planet and frequently says so in the media. A media so keen on sucking his gold gilded penis that no one corrects him.



    The crux of the article was about the arrest & fining of a malicious software vendor and him turning over the source code to the Government not yet another opportunity for a DED diatribe on Android security

  • Reply 8 of 45
    Quote:

    Originally Posted by Lord Amhran View Post

     

    Leave it to DED to use this case as an opportunity to make a backhanded slam against Android. Bravo.




    A backhanded slam would be indirect, implied and ambiguous. 

     

    This is clearly a case of Android's sloppy engineering--with no real intent to actually protect users--resulting in another clear and unambiguous security failure that can't be argued against by anyone other than a truly doe-eyed Android asslick. 

  • Reply 9 of 45
    Originally Posted by jmncl View Post

    ...his gold gilded penis...

     

    Meanwhile I can only afford to get my penis gilded in turquoise.

  • Reply 10 of 45
    Quote:

    Originally Posted by Tallest Skil View Post

     

     

    Meanwhile I can only afford to get my penis gilded in turquoise.




    and even then you have to do it yourself with Sharpie most likely...

     

    Sucks to be you, too bad the NSA didn't invest in your company like they did for Google.

  • Reply 11 of 45
    MacProMacPro Posts: 18,167member

    The crux of the article was about the arrest & fining of a malicious software vendor and him turning over the source code to the Government not yet another opportunity for a DED diatribe on Android security

    "Android security" ... Really? Oxymoron of the day. :D
  • Reply 12 of 45
    MacProMacPro Posts: 18,167member
    Remember all the posts back in the day? ... "Apple's 'walled garden' is never going to be a success..." ROFL
  • Reply 13 of 45
    roakeroake Posts: 630member
    So what's the basis for this?

    Is it a federal crime to duplicate what the federal government/NSA is already doing? Is this the equivalent of the Obama administration suing for infringement? Maybe The government is worried that a company doing this so publicly will bring too much attention to what they themselves are doing. "This is the next Snowden! Let's eff him up!"

    In any case, it's laughable that the Feds fine this guy "to protect us" while they are doing far worse.
  • Reply 14 of 45
    <div class="quote-container" data-huddler-embed="/t/183599/us-doj-fines-stealthgenie-for-selling-android-ios-spyware-demands-source-code#post_2645065" data-huddler-embed-placeholder="false">Quote:<div class="quote-block">Originally Posted by <strong>Lord Amhran</strong> <a href="/t/183599/us-doj-fines-stealthgenie-for-selling-android-ios-spyware-demands-source-code#post_2645065"><img alt="View Post" src="/img/forum/go_quote.gif" /></a><br /> <p>Leave it to DED to use this case as an opportunity to make a backhanded slam against Android. Bravo.</p></div></div><p><br />A backhanded slam would be indirect, implied and ambiguous. </p><p> </p><p>This is clearly a case of Android's sloppy engineering--with no real intent to actually protect users--resulting in another clear and unambiguous security failure that can't be argued against by anyone other than a truly doe-eyed Android asslick. </p>
    DED proving once again what a high class journalist he isn't :rolleyes:
  • Reply 15 of 45
    MacProMacPro Posts: 18,167member
    roake wrote: »
    So what's the basis for this?

    Is it a federal crime to duplicate what the federal government/NSA is already doing? Is this the equivalent of the Obama administration suing for infringement? Maybe The government is worried that a company doing this so publicly will bring too much attention to what they themselves are doing. "This is the next Snowden! Let's eff him up!"

    In any case, it's laughable that the Feds fine this guy "to protect us" while they are doing far worse.

    I am always puzzled when there are references to a particular POTUS when there are discussions about the USCIS, TSA, CIA, FBI, NSA etc. As if they really change with the POTUS or are doing things all that differently from when under previous administrations of either persuasion.
  • Reply 16 of 45
    MacProMacPro Posts: 18,167member
    DED proving once again what a high class journalist he isn't :rolleyes:

    I beg to differ in the extreme on your opinion of DED. So to your point ... Android is not a steaming heap of unsafe crap in your opinion? Please do elaborate.
  • Reply 17 of 45
    Demands the source code so that THEY can spy on iOS and Android users.

    Completely psychotic.

    Absolutely right. You can bet this will immediately be used by one of the 3-letter agencies to get more departmental funding to roll out all-new spying capabilities.
  • Reply 18 of 45
    lkrupplkrupp Posts: 6,969member

    I don’t give a rat’s ass what happens to jailbroken iOS devices or their owners. If these morons, spouting their ‘choice’ and ‘freedom’ invectives, want to open their devices up to the bad guys then they deserve every piece of malware they get. If these self-important, narcissistic, holier-than-thou, ‘look at me’ idiots want their ‘freedom’ then let them move to Android. Screw ‘em. Their nonsense gives Apple a black eye because the media does NOT distinguish between normal iOS users and these jackasses. All we hear is that iOS is vulnerable to the exploit-of-the-day.

     

    And I applaud Mr. Dilger for hammering away at that point constantly. It’s Android that has the problem, NOT iOS.

  • Reply 19 of 45
    lkrupplkrupp Posts: 6,969member
    Quote:

    Originally Posted by singularity View Post





    DED proving once again what a high class journalist he isn't image



    And guys like you think Mike Daisey is Walter Cronkite reincarnated, right?

  • Reply 20 of 45
    lkrupp wrote: »
    <div class="quote-container" data-huddler-embed="/t/183599/us-doj-fines-stealthgenie-for-selling-android-ios-spyware-demands-source-code#post_2645122" data-huddler-embed-placeholder="false">Quote:<div class="quote-block">Originally Posted by <strong>singularity</strong> <a href="/t/183599/us-doj-fines-stealthgenie-for-selling-android-ios-spyware-demands-source-code#post_2645122"><img alt="View Post" src="/img/forum/go_quote.gif" /></a><br /><br /><br />DED proving once again what a high class journalist he isn't <img src="http://forums-files.appleinsider.com/images/smilies/1rolleyes.gif" /></div></div><p><br />And guys like you think Mike Daisey is Walter Cronkite reincarnated, right?</p>
    nope
Sign In or Register to comment.