Apple removed 17 malicious apps from its App Store after it got infected with ‘clicker Trojan malware.’
Even though Apple has removed the apps from the App Store, a significant number of iOS users could have installed them.
Clicker Trojan malware
The Trojan can carry out a specific malicious activity in the background like continually opening and closing web pages or clicking links without any user permission.
The researchers found one case where a user after installing an app, had been fraudulently subscribed to an expensive online service.
“The objective of most clicker trojans is to generate revenue for the attacker on a pay-per-click basis by inflating website traffic,” said researchers. “They can also be used to drain the budget of a competitor by artificially inflating the balance owed to the ad network,” added researchers along with Wandera.
“We tested all the free iTunes Applications of the developer, and the results show that 17 out of the 35 free applications are all infected with the same malicious clicker functionality and are communicating with the same C&C server,” the researchers said.
Each of the apps contains a ‘malicious’ tricker Trojan module. All of them will carry out ad fraud related tasks in the background which continuously open web pages without any user interaction.
Do you have any of these in your iOS device?
The list of infected apps:
- EMI calculator & loan planner
- Crickone – live cricket scores
- My train info – IRCTC & PNR
- Restaurant Finder – Find Food
- Dual Accounts Pro
- Islamic World Pro – Qibla
- Ramadan Times 2019 Pro
- RTO Vehicle Information
- File Manager – Documents
- Smart GPS Speedometer
- Daily Fitness – Yoga
- FM Radio PRO -Internet Radio
- Around Me Place Finder
- Easy Contacts Backup Manager
- BMT Calculator PRO – BMR Calc
- Video Editor – Mute Video
- Smart Video compressor
“All 17 infected apps were published on the App Store by the same developer, India-based AppAspect Technologies Pvt. Ltd” said, researchers.
The apps were removed for having code that allows for the artificial click-through of ads which is a violation of Apple’s guidelines.
What to do to be on the safer side?
Before installing apps users must check whether it has good reviews and must confirm that they do not request more permission as needed to function properly.
In order to protect your data from being stolen Wandera also recommends installing a mobile security solution that would block malicious apps from communicating with their C2 servers.
You may be interested in reading: Click2Mail Suffers Data Breach