Trojan malware found in 17 apps on Apple App Store

If any of these app icons are on your iPhone or iPad, uninstall them immediately. (Image via Wandera)

Wandera, a security research firm, has found malware in 17 apps on the Apple App Store. The apps use a clicker trojan module to generate fraudulent web traffic in the background, likely to pump up ad revenue for specific websites. The apps passed through Apple's stringent review process because they connected to a remote server to execute the fraudulent activity rather than having malware embedded directly in their code.

Sam Medley, Published 10/25/2019

Even the most secure walled gardens have holes.

Researchers at Wandera, a cybersecurity research firm, found trojans in 17 apps on the Apple App Store. The malware-infected apps circumvented Apple’s stringent approval process. The apps (listed below) have been removed from the App Store.

The malware discovered in the affected apps isn’t directly harmful to users and should pose a personal security risk to anyone. Instead, the malware is a “clicker trojan module” that can be used to commit ad fraud.

In short, a clicker trojan is a piece of malware that opens web pages in the background and clicks links without the user’s input or knowledge. This is done to generate revenue by fraudulently upping the “pay-per-click” count of web pages. It is common for website to earn advertising revenue based on the number of clicks a page generates; a clicker trojan automates that process and fraudulently increases the number of views on a web page.

While the infected apps didn’t harvest personal data from users, they likely increased mobile data use and drained battery life because of the web traffic created in the background.

So how did infected apps pass through Apple’s strict review process? After all, the Apple App Store is known for having an incredibly secure review process to suss out any malicious apps. The apps in question did not have malware embedded directly in their code. Rather, the apps would reach out to a remote server which would then execute the fraudulent web activity.

Apple stated it will improveWa its app review process to prevent future malware like this.

The 17 infected apps are all from the same developer: AppAspect Technologies Pvt. Ltd. If you have any of these installed on your Apple device, it’s recommended to remove them immediately:

Source(s)

Wandera

The newly discovered malware puts millions of IoT devices at risk (Image source: Packetlabs)

Open source Botenago malware could potentially affect millions of routers and IoT devices 11/13/2021

The Discord CDN network is apparently being abused to send malware masquerading as images, video, or text (Image source: Discord)

Hackers are using Discord to send malware and remote-access trojans, putting millions of users at risk 10/30/2021

Apple software chief Craig Federighi confirmed Mac software vulnerability mid-May 2021 (Source: Wccftech)

It's official: The Mac has a security problem 05/20/2021

The fake System Upate app's on-screen presence. (Source: Zimperium)

An Android app calling itself "System Update" is unmasked as malware by a security company 03/28/2021

The first Apple M1-native running malware has been discovered. (Image source: Apple/PCRisk - edited)

Apple M1-native malware targets users of the new MacBook Pro, MacBook Air, and Mac Mini with unwanted Pirrit adware 02/18/2021

Genshin Impact is currently available on mobile, PlayStation 4, and PC (Image source: MiHoYo)

Free-to-play darling Genshin Impact set to get a next-gen makeover on the PlayStation 5 10/31/2020

Apple is being selective about COVID-19-related apps in the App Store. (Image Source: Dice Insights)

Apple extremely wary about COVID-19 apps on the App Store 03/17/2020

While xHelper can be removed by antivirus software, it will soon reinstall itself. (Image via Malwarebytes forum user Amelia)

Android trojan xHelper can reinstall itself after removal and factory reset 02/15/2020

Even with location services turned off, your iPhone 11 still tracks where you are. (Image: own)

Apple openly admits to iPhone 11 location tracking, offers reason 12/06/2019

iOS 13 had more software patches in its first two months than any other version of iOS released under Craig Federighi

Apple to change in-house testing process for iOS 14 development 11/22/2019

Apple releases iOS 13.2.2 to fix various bugs 11/08/2019

Six more titles come to Apple Arcade 11/08/2019

Apple seeds first developer beta of iOS 13.3 11/06/2019

Apple pulls iOS 13.2 after multiple reports of bricked HomePod smart speakers 10/29/2019

iOS 13.2 released, bringing Deep Fusion, new emoji, and more 10/29/2019

Novelty cases are the least of a phone's worries at Halloween. (Source: Indie Crafts)

Halloween is one of the scariest times for your phone, new research finds 10/26/2019

The Int App Lock icon alongside some code it reportedly runs. (Source: Pradeo Lab)

The "Joker" malware is found to exist within yet another Android app 10/23/2019

An infected directory showing files with a

Lilu/Lilocked ransomware has now infected thousands of Linux servers 09/08/2019

Malware is now a problem when downloading textbooks. (Source: Wikipedia)

Kaspersky claims to have found malware in digital college textbooks 09/06/2019

Security researchers load ransomware onto DSLR over WiFi and encrypt photos in WannaCry-styled attack 08/12/2019

Microsoft security researchers discover new cyber attack through Internet of Things connected devices 08/06/2019

The Persistence of Chaos is a fully functional 10.2-inch Samsung NC10-14GB loaded with viruses. (Source: Deep Instinct)

10.2-inch Samsung NC10-14GB loaded with six dangerous viruses going for over US$1 million in live auction 05/26/2019

Affected Titan Security Keys have a printed

Security flaw found in Google's Titan Security Keys 05/17/2019

Six Android apps on Google's Play Store found to secretively harvest data from users 04/27/2019

Hero to villain: Security researcher responsible for stopping WannaCry pleads guilty to malicious hacking charges 04/23/2019

Asus releases patch to fix Operation ShadowHammer vulnerability in Live Update Utility 03/26/2019

Operation ShadowHammer: Tens of thousands of computers had a security backdoor installed via Asus' Live Update Utility 03/25/2019

In plain sight: Hundreds of millions of Facebook user passwords were stored in plain text 03/21/2019

Loading Comments

Comment on this article

The OnePlus 3 and 3T can now be upg...

Google's printable Paper Phone aims...

Sam Medley - Senior Tech Writer - 1344 articles published on Notebookcheck since 2016

I've been a computer geek my entire life. After graduating college with a degree in Mathematics, I worked in finance and banking a few years before taking a job as a database administrator. I started working with Notebookcheck in October of 2016 and have enjoyed writing news and reviews. I've also written for other outlets including UltrabookReview and GeeksWorldWide, focusing on consumer guidance and video gaming. My areas of interest include the business side of technology, retro gaming, Linux, and innovative gadgets. When I'm not writing on electronics or tinkering with a device, I'm either outside with my family, enjoying a decade-old video game, or playing drums or piano.

Please share our article, every link counts!

> Expert Reviews and News on Laptops, Smartphones and Tech Innovations > News > News Archive > Newsarchive 2019 10 > Trojan malware found in 17 apps on Apple App Store

Sam Medley, 2019-10-25 (Update: 2019-10-25)

Trojan malware found in 17 apps on Apple App Store

Source(s)

Related Articles