15 Apps By Gujarat-Based Company Were Cheating With Users, So Apple Removed Them From App Store
Malicious apps are a common thing on Google's Play Store. But if you thought Apple's App Store is all clean and secure, we're here to pop this bubble for you.
Mobile security firm Wadera discovered 17 clickware-based malicious apps on Apple's App Store. Clickware apps are notorious to generate advertising revenue by fooling its users.
Upon Wadera's notification, Apple went ahead and removed 15 of these apps from its App Store.
What's surprising is the fact that all these apps are from a small app development company based out of Gujarat called AppAspect Pvt. Ltd.
The apps when opened, used to open web pages in the background while clicking on ads. Whenever a user was using any of these apps, a backdoor would connect to the command and control centre that would enable the opening of webpages and clicking of ads without the user even finding out about it.
Wadera stated in a blog post. "The clicker trojan module discovered in this group of applications is designed to carry out ad fraud-related tasks in the background, such as continuously opening web pages or clicking links without any user interaction."
The post further added, "The objective of most clicker trojans is to generate revenue for the attacker on a pay-per-click basis by inflating website traffic. They can also be used to drain the budget of a competitor by artificially inflating the balance owed to the ad network."
AppAspect has these apps on the Play Store too. However, they aren't showing a similar behaviour as the iOS apps. But not for lack of trying.
Wadera's post says "AppAspect's Android apps had once been infected in the past and removed from the store. They have since been republished and don't appear to have the malicious functionality embedded. It's unclear whether the bad code was added intentionally or unintentionally by the developer."
Install apps from trusted sources only and always read the reviews before downloading an app to be wary of such malicious apps.
Upon Wadera's notification, Apple went ahead and removed 15 of these apps from its App Store.
What's surprising is the fact that all these apps are from a small app development company based out of Gujarat called AppAspect Pvt. Ltd.
The apps when opened, used to open web pages in the background while clicking on ads. Whenever a user was using any of these apps, a backdoor would connect to the command and control centre that would enable the opening of webpages and clicking of ads without the user even finding out about it.
Wadera stated in a blog post. "The clicker trojan module discovered in this group of applications is designed to carry out ad fraud-related tasks in the background, such as continuously opening web pages or clicking links without any user interaction."
The post further added, "The objective of most clicker trojans is to generate revenue for the attacker on a pay-per-click basis by inflating website traffic. They can also be used to drain the budget of a competitor by artificially inflating the balance owed to the ad network."
AppAspect has these apps on the Play Store too. However, they aren't showing a similar behaviour as the iOS apps. But not for lack of trying.
Wadera's post says "AppAspect's Android apps had once been infected in the past and removed from the store. They have since been republished and don't appear to have the malicious functionality embedded. It's unclear whether the bad code was added intentionally or unintentionally by the developer."
Install apps from trusted sources only and always read the reviews before downloading an app to be wary of such malicious apps.