Notebookcheck Logo

Trojan malware found in 17 apps on Apple App Store

If any of these app icons are on your iPhone or iPad, uninstall them immediately. (Image via Wandera)
If any of these app icons are on your iPhone or iPad, uninstall them immediately. (Image via Wandera)
Wandera, a security research firm, has found malware in 17 apps on the Apple App Store. The apps use a clicker trojan module to generate fraudulent web traffic in the background, likely to pump up ad revenue for specific websites. The apps passed through Apple's stringent review process because they connected to a remote server to execute the fraudulent activity rather than having malware embedded directly in their code.

Even the most secure walled gardens have holes.

Researchers at Wandera, a cybersecurity research firm, found trojans in 17 apps on the Apple App Store. The malware-infected apps circumvented Apple’s stringent approval process. The apps (listed below) have been removed from the App Store.

The malware discovered in the affected apps isn’t directly harmful to users and should pose a personal security risk to anyone. Instead, the malware is a “clicker trojan module” that can be used to commit ad fraud.

In short, a clicker trojan is a piece of malware that opens web pages in the background and clicks links without the user’s input or knowledge. This is done to generate revenue by fraudulently upping the “pay-per-click” count of web pages. It is common for website to earn advertising revenue based on the number of clicks a page generates; a clicker trojan automates that process and fraudulently increases the number of views on a web page.

While the infected apps didn’t harvest personal data from users, they likely increased mobile data use and drained battery life because of the web traffic created in the background. 

So how did infected apps pass through Apple’s strict review process? After all, the Apple App Store is known for having an incredibly secure review process to suss out any malicious apps. The apps in question did not have malware embedded directly in their code. Rather, the apps would reach out to a remote server which would then execute the fraudulent web activity. 

Apple stated it will improveWa its app review process to prevent future malware like this. 

The 17 infected apps are all from the same developer: AppAspect Technologies Pvt. Ltd. If you have any of these installed on your Apple device, it’s recommended to remove them immediately:

Source(s)

static version load dynamic
Loading Comments
Comment on this article
Please share our article, every link counts!
Sam Medley, 2019-10-25 (Update: 2019-10-25)