The iOS app is installed via ad-hoc provisioning, a feature normally used by developers to test their apps, and so by-passes the checks and controls of the official Apple app store. The bad guys identify people who are close to their intended targets, such as military aides. They send personalized, personalized emails to the aides asking them to update their registrations for a conference they will soon be attending, or ask them to install a custom app for that conference. The aides are more likely not to be using some of the more secure phones, but are still in proximity of the targets.”]
Source: https://www.csoonline.com/article/2880753/new-ios-spy-app-listens-in-to-conversations.html