On Thursday, Wandera, a mobile security company, reported 18 Trojan infected malware apps which were found in the Apple App Store. Interestingly, all of these apps had the same India-based developer.
By Friday morning, Apple confirmed that they removed the Apps from their App Store and rebooted the system.
Apple had forever remained the safest, most secure customer device you can buy. With it’s advanced Anti-Virus Software and security precautions always in check, it was quite shocking when the news about the 18 Malware Apps broke out.
Though the Apps were previously thought to have mischievous intentions, Wandera claims that the Apps simply ‘ran invisible ads in the background of the device, generating phony website clicks to inflate ad revenues’.
These sort of App have often been found lingering in Android phones. Even though the major harm that these Apps could cause was quick draining of battery life, questions about Apple’s security measures and how these Apps even came into the App Store were raised.
The way the existence of these apps became known was a little concerning. Wandera came across some suspicious activity that was going on in a customer’s iPhone. A lone speedometer app had made unexpected contact with a so-called command and control server, which they assumed was an act of an app that had gone rogue.
But to find out the root cause of the app’s malfunction, Wandera planned to work it’s way back. It identified the developer of the app, India-based AppAspect Technologies, and installed its dozens of offerings on iPhones for further testing. First, a static analysis, poring over the code to look for any embedded shenanigans. Then a dynamic analysis, looking for any outbound connections to a far-flung server with bad intentions.
“That’s usually where we see the dodgy activity,” says Michael Covington, Wandera’s vice president of product. “In this case, we weren’t seeing it.”
Here are all of the apps in question:
- RTO Vehicle Information
- EMI Calculator & Loan Planner
- File Manager – Documents
- Smart GPS Speedometer
- CrickOne – Live Cricket Scores
- Daily Fitness – Yoga Poses
- FM Radio – Internet Radio
- My Train Info – IRCTC & PNR
- Around Me Place Finder
- Easy Contacts Backup Manager
- Ramadan Times 2019
- Restaurant Finder – Find Food
- BMI Calculator – BMR Calc
- Dual Accounts
- Video Editor – Mute Video
- Islamic World – Qibla
- Smart Video Compresso
The technology in these apps is simple but effective. If downloaded and opened, these would work perfectly normal without showing any anomaly. It would, however, run it’s malicious activities in the background and eat up all your battery. Your phone would soon become an invisible click farm for all the ads.