A group of ethical hacking experts has discovered a malware variant present in at least 17 apps for Apple, all available in the App Store. The company has started to remove malicious apps from the official store, although it is reported that a considerable number of users would have downloaded at least one of these apps.
After downloading and installing, the apps
infect the target system with a Trojan developed to perform fraud and some
other malicious activities related to background advertising. “Out of the
user’s view, web pages are opened and multiple links are clicked without user
interaction,” the report mentions.
Ethical hacking experts claim that these kinds
of malwares, known as ‘clicker Trojan’, were designed to generate advertising
revenue, inflating traffic from some websites. They also mention that this kind
of malware can be used to remove some legitimate advertisements, causing them
to reach a limit that leaves them offline.
Subsequently, a company spokesperson mentioned
that the apps were removed from the App Store because they have a code that
allows you to perform “artificial clicks”, a practice that goes
against Apple’s policies. “At Apple, we conduct rigorous audits to detect
apps that take advantage of our users to perform any kind of fraud,” the
spokesperson added.
Because Apple does not provide information
about the number of downloads in the App Store, it is not possible to know the
exact number of potentially affected users. However, if you use downloads in
the Google Play Store as a reference, you can make a calculation to some extent
correct. “The number of downloads of the Android counterparts of these
apps exceeds one million users, so affected iOS users could range from 800
thousand to one million”,” the specialists say.
According to ethical hacking specialists from
the International Institute of Cyber Security (IICS), the 17 malware-infested
apps were placed in the App Store by the same developer, identified as
AppAspect Technologies Pvt, based in India. This company has almost 30 apps in
the Google Play
Store, although apparently they don’t connect to the malicious server
related to iOS app
