According to FireEye this malicious App which takes advantage of a key flaw in the iOS multitasking capabilities to allow the hackers/attackers to record the iPhone users every tap or swipe, has so far only been found in Non-Jailbroken iOS 7.0.x device which means that Jail broken iPhones are immune to this particular App. FireEye has also said that the logged files containing the ‘touchlogs’ are then transferred to unknown command and control servers.The Apps concept relies on Apple’s background refresh technology because an iPhone can run several apps in background and can collect information of every touch made on device. iPhone has Option to turn off background refreshing of applications but researchers have said that disabling background refresh may not restrict the touchlogging of this malicious app. FireEye gave the example of the “Music player App” on a iPhone. The Music Player App keeps on continuously refreshing itself even if background refresh has been disabled by the user. This App, FireEye says, works in a similar fashion, refreshing data even when background refresh is Disabled.Until Apple releases Patch for this flaw or vulnerability, the only thing iPhone users can do is keep an eye on the running Apps in the Task Manager and kill any App/Task which seems unnatural.
