NEW DELHI: If you think rogue apps are only found on Android then this news will change the way you think about iPhone. Mobile security firm Wandera has discovered 17 apps infected with clickware meant to increase advertising revenue. All of these 17 apps are made by Gujarat-based AppAspect Technologies Pvt. Ltd. Apple has removed 15 of these apps. The Cupertino-based is investigating the fate of the other two.
In a statement Apple confirmed the apps were removed from the App Store, though it said that they did not contain the trojan malware as claimed. But Apple removed the apps for “including code that enabled the artificial click-through of ads.” Apple also said they have updated their tools to detect future submissions of these types of apps.
These apps contained malware that used to open web pages and click on ads in the background. So, while the user is in any of these apps, a backdoor used to connect to the command and control center and open specific web pages or click ads without the knowledge of the user. “The clicker trojan module discovered in this group of applications is designed to carry out ad fraud-related tasks in the background, such as continuously opening web pages or clicking links without any user interaction,” said Wandera in a blog post.
“The objective of most clicker trojans is to generate revenue for the attacker on a pay-per-click basis by inflating website traffic. They can also be used to drain the budget of a competitor by artificially inflating the balance owed to the ad network, ”it added.
Interestingly, the same developer has 28 apps on Google Play store, however, none of the apps were found to have this ‘clicker’. “Android apps by this developer were not communicating with the identified C&C server,” the security firm said. But this doesn’t mean that the developer did not try their luck on Android.
“AppAspect’s Android apps had once been infected in the past and removed from the store. They have since been republished and don’t appear to have the malicious functionality embedded. It’s unclear whether the bad code was added intentionally or unintentionally by the developer, ”it added.
Recently, Google removed 29 popular Android apps with a total download of more 10 million from Google Play store. Cybersecurity firm Quick Heal Security Labs reported these apps as 24 out of the 29 malicious apps belonged to the HiddAd category. These types of apps simply hide their icon after first launch and create a shortcut on Home Screen. The intention is to not let users uninstall the app. When users launch the App through the shortcut, these apps show full screen ads on device screen. The other five apps are Adware and gets installed through advertisements when Android phone users visit social media sites like YouTube, Facebook, etc.