Apple removed 17 apps from the App Store this week after researchers discovered that the apps were infected with malware.
The apps in question were discovered by mobile security company Wandera and were published by the company AppAspect Technologies. While all of the apps did what they claimed to do in the app store, they also had some pretty gnarly things going on in the background:
“The clicker trojan module discovered in this group of applications is designed to carry out ad fraud-related tasks in the background, such as continuously opening web pages or clicking links without any user interaction,” Wandera explains.”The objective of most clicker trojans is to generate revenue for the attacker on a pay-per-click basis by inflating website traffic. They can also be used to drain the budget of a competitor by artificially inflating the balance owed to the ad network.”
While malicious, the only impact to users would have been slower phone performance and inflated data use. The apps were able to bypass Apple’s approval process because the malicious activity was happening not within the app’s code, but rather through contact with a remote server.
We’ve reached out to AppAspect to see if they’re working on fixing the malware and will update this story if we hear back.
Wandera notes that while it found 17 apps by AppAspect that were infected by malware, the company currently has 51 apps in the App Store. The company tested the free apps offered by the company, which is where it found the 17 infected apps. The 18 other free apps offered by the company in the App Store are not currently infected with malware.
Wandera notes that Android apps that were communicating the same server as the infected iOS apps were also gathering private information such as the make & model of the device, the user’s country of residence, and some configuration details.
That said, those Android apps were not ones made by AppAspect. AppAspect currently has 28 published apps on Google Play, none of which appear to be communicating with the malicious server.
Related Posts
OnePlus 15T leak spills details on a curious camera situation
According to the Chinese tipster Digital Chat Station (via Weibo), a "small-screen phone powered by the Snapdragon 8E5 is ready," translated from simplified Chinese. This phone, believed to be the OnePlus 15T, could feature a dual-camera setup "with a 50MP main sensor and a 50MP telephoto lens."
WhatsApp has begun testing a long-overdue group chat feature
The Meta-owned messaging platform is testing a new feature called "group chat history sharing" (via a WABetaInfo report). As the name suggests, the feature lets a WhatsApp user (likely the admin) share the chat history (up to 100 messages sent within 14 days) with someone while adding them to a group.
Google Photos introduces a fun new way to turn yourself into a meme
According to a recent post on Google's support forums, Me Meme is a generative AI feature that lets you star in trending memes using a template and a photo of yourself. It's rolling out in Google Photos for Android in the US, and you can try it out by tapping the "Create" button and selecting the new "Me meme" option.