Who would have thought that even iOS is not secure from the malware attacks. Recently, more than a dozen of iOS apps were found to be inflicted by the Clicker Trojan malware that performed an ad related fraud in the background.
The developers of this malware used command and control (C2) servers to perform this malicious act. Before iOS, Android has also been inflicted by the same ad fraud campaign, which was identified after more than a million people had downloaded the apps with malware.
With iOS, more than 17 apps have been found to contain this malware in them, which opens a web page in the background and performs ad fraud. All the iPhones, iPods, and iPads are under serious threat due to this malware activity.
The attackers are performing this malicious act to generate revenue through pay-per-clicks by inflating the website traffic, as said by the researchers at Wandera Threat Labs.
These apps performing malicious activities are produced by India-based AppAspect Technologies Pvt. Ltd. who published 51 apps in the Apple store and 28 apps in the Android store.
As per the researchers at Wandera, nobody is quite sure if the developers intentionally added the malicious code in the apps or otherwise.
The apps were introduced in many different categories to target people looking for different apps on the Apple store. Before infecting iOS apps with malware, the same developers have also infected Android apps with their ad fraud campaign due to which the apps were taken down from the Google Play store to be launched later.
With Android apps, the researchers were able to come up with a number showing how many people downloaded the apps but it is not the case with the iOS users. The researchers reported that the malware is activated after 8 hours of the download of the app after which it starts collecting user information.
The same information is then forwarded to the C2 server from there it is replied with information on commands and new modules.
The researchers have advised the users to look for the developer and reviews on apps before downloading them. Also, users should download mobile security solutions to protect their phones from any malware activity. Taking such initiatives will help take down the number of malware attacks that people face each day.
Read next: Google, yet again, fails to secure its Android store from malicious apps
The developers of this malware used command and control (C2) servers to perform this malicious act. Before iOS, Android has also been inflicted by the same ad fraud campaign, which was identified after more than a million people had downloaded the apps with malware.
With iOS, more than 17 apps have been found to contain this malware in them, which opens a web page in the background and performs ad fraud. All the iPhones, iPods, and iPads are under serious threat due to this malware activity.
The attackers are performing this malicious act to generate revenue through pay-per-clicks by inflating the website traffic, as said by the researchers at Wandera Threat Labs.
These apps performing malicious activities are produced by India-based AppAspect Technologies Pvt. Ltd. who published 51 apps in the Apple store and 28 apps in the Android store.
As per the researchers at Wandera, nobody is quite sure if the developers intentionally added the malicious code in the apps or otherwise.
The apps were introduced in many different categories to target people looking for different apps on the Apple store. Before infecting iOS apps with malware, the same developers have also infected Android apps with their ad fraud campaign due to which the apps were taken down from the Google Play store to be launched later.
- Also read: Apple requests iPhone users to upgrade device or software ahead of a potential malfunction
With Android apps, the researchers were able to come up with a number showing how many people downloaded the apps but it is not the case with the iOS users. The researchers reported that the malware is activated after 8 hours of the download of the app after which it starts collecting user information.
The same information is then forwarded to the C2 server from there it is replied with information on commands and new modules.
The researchers have advised the users to look for the developer and reviews on apps before downloading them. Also, users should download mobile security solutions to protect their phones from any malware activity. Taking such initiatives will help take down the number of malware attacks that people face each day.
Read next: Google, yet again, fails to secure its Android store from malicious apps
