Scammers and criminal hackers always seem to find a way to ditch various security checks implemented by the tech giants. Continuing their latest activities, they once again managed to bypass Apple’s checks to reach the App Store. Reportedly, as 17 different malicious iPhone apps target users with malware.
Malicious iPhone Apps Delivered Adware
Researchers from Wandera noticed various malicious iPhone apps targeting users. They found the apps delivering adware to users’ devices.
As elaborated in a blog post, 17 different iPhone apps exhibited malicious behavior. Further investigation revealed that the apps belonged to the same developer “AppAspect Technologies Pvt. Ltd” based in India. Whereas, the applications belonged to different categories, such as platform utilities, travel, and productivity. The full list of all 17 apps is available in their blog post.
Specifically, the apps used to infect the users’ devices with adware. The malware would run silently in the background, load web pages, and display full-screen ads. As explained by Wandera,
The clicker trojan module discovered in this group of applications is designed to carry out ad fraud-related tasks in the background, such as continuously opening web pages or clicking links without any user interaction.
The objective of most clicker trojans is to generate revenue for the attacker on a pay-per-click basis by inflating website traffic. They can also be used to drain the budget of a competitor by artificially inflating the balance owed to the ad network.
Following their installation, these apps communicated with the C&C using a robust encryption cipher. The researchers noticed the same C&C communicated with malicious apps on the Android Play Store as well, as discovered by Dr.Web a few months ago.
Because of the involvement of a C&C, it became possible for malicious apps to bypass Apple’s security checks.
Apple Removed The Malware-Delivering Apps
Upon discovering the suspicious apps, the researchers brought the matter to the notice of Apple officials. Following their report, Apple removed all 17 apps from the App Store. However, the developer still remains active on the Play Store running other, presently non-malicious apps.
For now, the threat seems halted. However, the researchers have advised the users to stay cautious while installing any applications to their device.
We recommend that mobile-enabled businesses undergo some form of app security vetting to ensure apps, especially free apps, are trustworthy, ie., have good reviews and legitimate developer profiles, and don’t request unnecessary or high-risk app permissions.
Let us know your thoughts in the comments.