London security researchers and Slovak internet security company found that 8 million Android devices are affected by 42 malicious apps. But it is not only Android, even iPhone also been affected by some adware. Mobile security firm Wandera has discovered even the 17 iPhone apps are also been affected by adware. It has been reported to Apple and luckily out of 17, 15 apps have been removed by Apple. For other two apps, Investigation is still going on.
Wandera found that all these malicious apps are been developed by same India based company called AppAspect Technologies.
Wandera has started in the small step. Initially it found some unusual activity of speedometer app connecting to command and control center. This is the same case happened in Android as well for issuing orders to ad fraud malware. Then Wandera took the next step to find the developer of the app and installed their apps for further testing. They have done the analysis to find whether the apps are connecting to servers with bad intention.
“That’s usually where we see the dodgy activity,” says Michael Covington, Wandera’s vice president of product.
On first, all these iPhones are connected to WIFI and tested. As an next step, they have inserted the SIM card and Waited for the action. Suprisingly, all these 17 apps started to connect to same adware server. These are adware are smart enough to wait till the user download the app and use it for some days without any issue. Once it gained the confidence, then it will connect to command and control center for adware execution.
AppAspect Technologies says in their email about this case as “They itself noticed this adware inclusion after Apple has removed its apps. And they itself had no clue why their apps are been behaving in malicious way. There are possibilities where the code has been taken by developers from some third party or unauthorized sources to develop which might inturn had affected the app”.
In 2015, Apple had been through such kind of problem larger scale when some developer forum has incorporated Xcode software tool with data stealing appended to it.
As these are adwares, its main intention is to show and click ads without the user knowledge. Once any of these malicious apps are been installed, adware will connect to the command center in the background, open the ad webpages and click on the ads without user knowledge and oontrol.
“I do realize that this is difficult to police and prevent,” says Thomas Reed, director of Mac and mobile research at cybersecurity firm Malwarebytes.
At the end of the day, even Apple store is also having the apps only. So its not guaranteed that it should be always secure, people also should have the basic idea when the app behaves unusual and should report it.
View Comments