Petr Škuta Apple confirmed that he had to App Store remove a total of 17 malicious applications. All of them passed the approval process.
total 17 apps from a single developer was removed from App StoreThey fell into various areas, including restaurant search engines, BMI calculators, internet radio, and many others.
The malicious apps were discovered by Wandera, a company that deals with security on mobile platforms.
A so-called clicker trojan was discovered in the applications, i.e. an internal module that takes care of repeatedly loading web pages in the background and clicking on specified links without the user's knowledge.
The goal of most of these Trojans is to generate website traffic. They can be used as such to overspend the competitor's advertising budget.
Although such a malicious application does not cause any major problems, it can often exhaust, for example, the mobile data plan or slow down the phone and drain its battery.
Damage to iOS are smaller than on Android
These apps easily avoid the approval process because they do not contain any malicious code themselves. They download it only after connecting to a remote server.
The Command & Control (C&C) server allows applications to bypass security checks, as communication is established directly with the attacker. C&C channels can be used to distribute advertisements (the aforementioned iOS Clicker Trojan), or files (attacked image, document, etc.). The C&C infrastructure uses the backdoor principle, where the attacker himself decides to activate the vulnerability and execute the code. In case of detection, he can hide the entire activity.
Apple has already responded and intends to modify the entire application approval process to capture these cases as well.
It could be interest you
Amaya Toman The same server is also used to attack applications on the Android platform. Here, however, thanks to the greater openness of the system, the attacker canchat more damage.
Android versions can allow the server to collect private information from the device.macincluding configuration settings.
For example, one of the apps itself activated an expensive subscription in a helper app that it downloaded without the user's knowledge.
Mobile iOS is trying to prevent this a technique called sandboxing, which defines the space where each application can operate. The system then checks all access, apart from and without granting it, the application has no other rights.
Deleted malicious apps came from the developer AppAspect Technologies:
- RTO Vehicle Information
- EMI Calculator & Loan Planner
- File Manager - Documents
- Smart GPS Speedometer
- CrickOne - Live Cricket Scores
- Daily Fitness - Yoga Poses
- FM Radio PRO - Internet Radio
- My Train Info - IRCTC & PNR
- Around Me Place Finder
- Easy Contacts Backup Manager
- Ramadan Times 2019 Pro
- Restaurant Finder - Find Food
- BMT Calculator PRO – BMR Calc
- Dual Accounts Pro
- Video Editor - Mute Video
- Islamic World PRO - Qibla
- Smart Video Compressor
