Apple removed 17 apps from the App Store this week after researchers discovered that the apps were infected with malware.
The apps in question were discovered by mobile security company Wandera and were published by the company AppAspect Technologies. While all of the apps did what they claimed to do in the app store, they also had some pretty gnarly things going on in the background:
“The clicker trojan module discovered in this group of applications is designed to carry out ad fraud-related tasks in the background, such as continuously opening web pages or clicking links without any user interaction,” Wandera explains.”The objective of most clicker trojans is to generate revenue for the attacker on a pay-per-click basis by inflating website traffic. They can also be used to drain the budget of a competitor by artificially inflating the balance owed to the ad network.”
While malicious, the only impact to users would have been slower phone performance and inflated data use. The apps were able to bypass Apple’s approval process because the malicious activity was happening not within the app’s code, but rather through contact with a remote server.
Here’s the full list of AppAspect iPhone apps infected with the malware:
- RTO Vehicle Information
- EMI Calculator & Loan Planner
- File Manager – Documents
- Smart GPS Speedometer
- CrickOne – Live Cricket Scores
- Daily Fitness – Yoga Poses
- FM Radio PRO – Internet Radio
- My Train Info – IRCTC & PNR
- Around Me Place Finder
- Easy Contacts Backup Manager
- Ramadan Times 2019 Pro
- Restaurant Finder – Find Food
- BMT Calculator PRO – BMR Calc
- Dual Accounts Pro
- Video Editor – Mute Video
- Islamic World PRO – Qibla
- Smart Video Compressor
We’ve reached out to AppAspect to see if they’re working on fixing the malware and will update this story if we hear back.
Wandera notes that while it found 17 apps by AppAspect that were infected by malware, the company currently has 51 apps in the App Store. The company tested the free apps offered by the company, which is where it found the 17 infected apps. The 18 other free apps offered by the company in the App Store are not currently infected with malware.
Wandera notes that Android apps that were communicating the same server as the infected iOS apps were also gathering private information such as the make & model of the device, the user’s country of residence, and some configuration details.
That said, those Android apps were not ones made by AppAspect. AppAspect currently has 28 published apps on Google Play, none of which appear to be communicating with the malicious server.
- How to sideload an APK or install an Android app from outside the Play Store
- The best QR code scanning apps for Android or iOS
- How to use Plex to manage and play all of your media, everywhere
- What is Discord?
- MacOS Big Sur: The 4 best new features