The Interapp from Tel Aviv's Rayzone Group is an intrusion appliance that uses a cache of zero-day exploits against common mobile phone OSes and is marketed as having the capability to infect and take over any nearby phone whose wifi is turned on.
It is marketed to law enforcement agencies and is billed as being able to effect hundreds of simultaneous attacks, without leaving behind forensic traces.
The headline news here isn't that there are bugs in our devices — anything as complex as our pocket supercomputers is bound to have many programmer errors in it. The showstopper is that a company has found (or bought) a critical mass of these bugs and decided, in the name of security, not to disclose them to the manufacturers for repair, or tell the public about them, so that we can make informed choices about what we entrust to these devices. Instead, they've openly marketed these bugs to law enforcement firms, who, rather than building a case against this company for being an accessory to the crimes that others will be able to commit while these bugs are live and unpatched, are giving the company money diverted from the tax-base raised from the people who will be victimized by these bugs.
According to Rayzone, InterApp can steal a user's email address password and content, passwords for social networking apps, Dropbox passwords and files, the user's phone contact list, and his photo gallery.
Additionally, the gadget can also acquire the phone's previous geographical locations and plot them on a map, IMEI details, MSISDN data, MAC address, device model, OS info, and personal information on the target, such as gender, age, address, education, and more.
InterApp works on a variety of platforms, operates very fast, handles hundreds of devices at the same time, and requires no technical skills to operate, coming equipped with an idiot-proof administration panel.