Malware-ridden apps are common in the Android Play Store, but it seems that Apple is catching up quick. The App Store has also been affected by Clickware apps that are a threat to your personal data.
As pointed out by the mobile security firm Wandera, there are 17 apps on the Apple App Store that deploy a clicker trojan to conduct ad fraud related tasks in the background.
Here is the list of the 17 infected iOS apps that you need to uninstall right now to prevent fraudulent activities:
List Of Infected iOS Apps
Notably, all the 17 infected apps are published by an Indian-based developer named AppAspect Technologies Pvt. Ltd.
How Do These Apps Infect You iOS Devices?
As per Dr. Web, the apps communicate commands with a command and control server to trigger targeted advertising. One of the downsides of communicating with a C&C server is that it allows apps to bypass security checks as a direct communication channel is established with the attacker. C&C channels are notorious for distributing targeted advertisements and dropping payloads as it creates a ‘backdoor’ into the app.
The apps in question communicate with a control and command server that deploys highly strong encryption which researchers have not been able to crack.
The researchers have found out that the infected apps were gathering information like the device’s make and model, victim’s country of residence and other configuration details.
As soon as Wandera’s researchers found out about the infected apps, they reported it to Apple. In response, Apple has taken down all the apps from the App Store except two apps – My Train Info – IRCTC & PNR and Easy Contacts Backup Manager.
Uninstall The Apps
While Apple has removed the app from the AppStore, many users might still be using the last downloaded version which could be harmful to their privacy. Interestingly, these are popular apps with millions of downloads. We recommend our readers to uninstall these apps as soon as possible to evade any possible attack or theft of personal information.