While the Google Play Store is no stranger to malware-infected apps, the App store seems to be experiencing its first slice of it. Recently, Mobile Security firm Wandera revealed some of the App Store apps which have been infected by clickware. What clickware does is that it steals your data.
Wandera pointed out that the apps deploy a clicker trojan that conducts ad-related fraud in the background.
Given below is the list of the infected apps that were found on the App Store:
- RTO Vehicle Information
- EMI Calculator & Loan Planner
- File Manager – Documents
- Smart GPS Speedometer
- CrickOne – Live Cricket Scores
- Daily Fitness – Yoga Poses
- FM Radio – Internet Radio
- My Train Info – IRCTC & PNR
- Around Me Place Finder
- Easy Contacts Backup Manager
- Ramadan Times 2019
- Restaurant Finder – Find Food
- BMI Calculator – BMR Calc
- Dual Accounts
- Video Editor – Mute Video
- Islamic World – Qibla
- Smart Video Compressor
What seems odd is that all the apps are developed by an Indian Developer known as AppAspect Technologies Pvt. Ltd.
Also, the apps include widely used apps in India such as RTO Vehicle Information and My Train Info – IRCTC and PNR.
How do these apps work?
According to DR. Web, the apps communicate with commands to a command and control center to trigger targeted advertising. The direct threat that C&C poses is that it allows apps to bypass security protocols as it establishes a direct communication channel with the attacker. C&C channels distribute targeted advertising and dropping payloads by creating a backdoor to the user’s phone.
What did Apple do?
Immediately after Wandera’s findings, they immediately reported it to Apple. Reportedly, Apple took down several of the apps except for My Train Info – IRCTC & PNR and Easy Contacts Backup Manager.
What do you need to do?
While malicious apps have been removed from the app store. Some users may still have the app installed on their phones which would pose a serious threat to their privacy. The apps have millions of downloads and are very popular in India. I would suggest that people should uninstall the apps as soon as possible.
