Here are 17 iOS apps, infected with clickware, that need to be uninstalled now

Here are 17 iOS apps, infected with clickware, that need to be uninstalled now
While lately, it would seem that we've been pointing out malware-laden Android apps that should be uninstalled from an Android device, some iOS apps are just as bad and need to be removed from an iPhone, iPad or iPod touch immediately. Mobile security firm Wandera has discovered 17 clickware apps in the Apple App Store. These contain malware designed to open web pages or click on ads in the background without interaction or knowledge on the part of the user. The motive is to generate revenue for the bad actor who gets paid every time an ad on his or her website is clicked on. Wandera also points out that it can be used to financially cripple a competitor by clicking on ads to hike the amount of money owed to an ad network.

The 17 apps are all from a variety of categories including productivity, platform utilities, and travel. They were found in various countries, listed in the App Store. All 17 were developed by AppAspect Technologies Pvt. Ltd, a company based in India. The apps use a C&C server (Command & Control) which is like having a backdoor placed inside an app. Through this channel, bad actors can distribute ads, send commands and even payloads. This is done through encrypted communications between the app and server. The developer has a total of 51 apps listed in Apple's iOS app storefront, 35 of them free. Of those 35, 17 communicate with the C&C server. They are:

  • RTO Vehicle Information
  • EMI Calculator & Loan Planner
  • File Manager – Documents
  • Smart GPS Speedometer
  • CrickOne – Live Cricket Scores
  • Daily Fitness – Yoga Poses
  • FM Radio – Internet Radio
  • My Train Info – IRCTC & PNR (not listed under developer profile)
  • Around Me Place Finder
  • Easy Contacts Backup Manager
  • Ramadan Times 2019
  • Restaurant Finder – Find Food
  • BMI Calculator – BMR Calc
  • Dual Accounts
  • Video Editor – Mute Video
  • Islamic World – Qibla
  • Smart Video Compressor
Wandera notes that when its Threat Research team discovered the vulnerability, it automatically spoke with Apple, which removed 15 of the apps. The only two that remain listed in the App Store are My Train Info – IRCTC & PNR and Easy Contacts Backup Manager.

It should also be pointed out that the same developer has 28 apps listed in the Google Play Store, although none of them communicate with the C&C server. However, keep in mind that AppAspect Technologies has listed infected Android apps in the Google Play Store in the past and they were removed by Google. The apps were subsequently republished and are now apparently clean, according to Wandera.

If you have any of these apps on your iOS device, delete them immediately!


For those who believe that only Android apps get infected with malware, Wandera says, "This discovery is the latest in a series of bad apps being surfaced on an official mobile app store and another proof point that malware does impact the iOS ecosystem." The mobile security firm adds that "mobile malware is still one of the less frequently seen threats in the wild, but we are seeing it used more in targeted attack scenarios. Techniques like those used in this example also point to more instances of malware being introduced into official app sources, making it more accessible to everyday consumers and mobile workers alike."

If you have any of the above-listed apps on your iPhone, iPad or even iPod touch, you should uninstall them immediately. In the best-case scenario, these apps are opening websites, serving up ads and clicking on them in the background without requiring any interaction on your part. But this could help drain your battery and hog your phone's resources. And in the worst-case scenario, payloads could be deposited on your iPhone designed to steal your personal information like passwords and other private data.

FEATURED VIDEO

39 Comments

1. cmdacos

Posts: 4302; Member since: Nov 01, 2016

......

15. lyndon420

Posts: 6860; Member since: Jul 11, 2012

Good save cmdacos! Coulda, probably, maybe almost got yourself moderated - most likely... doesn't take much lately...

38. CellieCell

Posts: 153; Member since: Apr 14, 2010

Is a good thing apple is being cautious about clickware nowadays! It's unfair of companies to take advantage of users when we're not aware of what's going on behind the scenes.

4. JamesW

Posts: 29; Member since: Jun 13, 2013

I thought that the app store didn't have any harmful apps?

23. Vokilam

Posts: 1343; Member since: Mar 15, 2018

How are they harmful to the user?

7. koioz

Posts: 177; Member since: Nov 29, 2018

App is made of code, malware is made of code. Any hardware that runs code can run malware. The hard thing is most users are 100% confident that they are totally safe because they got drunk too much of these companies' eye candy marketing bs. Just to sum up, Thanos is inevitible and Optimus PRIME is indivisible.

12. darkkjedii

Posts: 31529; Member since: Feb 05, 2011

The app store is perfect, has never had a harmful app, just as iOS is perfect, and has never had any issues, just as the iPhone is perfect, and all #gates were fabricated. 17 harmful apps in iOS. We'll see a shark drive a racecar, before that happens. ;/

18. Alcyone

Posts: 533; Member since: May 10, 2018

And the U1 chip failing is a joke. Just an excuse to get a new phone.

29. AlienKiss

Posts: 241; Member since: May 21, 2019

Just by what you wrote proofs the fact that you have nothing to do with programming in general. Anything that runs on 1 and 0 is a potential victim. Ever heard of DoS attacks? Or SQL injections? Or Airmon-NG? (By the way, I can do all of this from my rooted android phone) In the last few years I developed quite an appetite for digital security and lemme tell you this: if someone wants to hack something, they'll eventually do it. It only takes time, effort and a high IQ level. Add some C language program to create a buffer overflow and that guy can do a lot of things.. The malware in question seems to be a web crawler written in Python (surfs the net for specific web pages, clicks adds or whatever the script is set up to do). Also, ANY file can have appended malware code, which means it can contain evil lines of code and you will never notice it. It can be a photo, a video , a document, you name it. Just start studying some bash script since you're so into apple (which is running on Linux type os) and eventually you'll understand programming and how it works. Prove to us that Apple users are using their brain!

31. WieXXX

Posts: 24; Member since: Feb 03, 2019

so..you are nerd.

34. darkkjedii

Posts: 31529; Member since: Feb 05, 2011

So you totally missed my sarcasm LMAOOOO! I even put the sarcasm smiley dude lol.

13. koioz

Posts: 177; Member since: Nov 29, 2018

These apps are just few birds in the wild. There are more malware inflated apps undiscovered. Hope it will be cleansed, or at least an update to ios that will render the malware's function void

14. lyndon420

Posts: 6860; Member since: Jul 11, 2012

If it's connected to the internet it can be hacked. But when you try to convince the apple elite about this?! lol

30. AlienKiss

Posts: 241; Member since: May 21, 2019

More like the elite of gullible people.. :)) We have to respect hackers man. They are actually using their brains. We have to give them credit for that. Unlike the so called 'elite' lmao

17. Jrod99

Posts: 776; Member since: Jan 15, 2016

Glad I don’t have any of these.

19. Derekjeter

Posts: 1546; Member since: Oct 27, 2011

You need to add, IG FACEBOOK WHATSAPP and pretty much anything created by that dirt bag Zucker

24. Vokilam

Posts: 1343; Member since: Mar 15, 2018

I agree.

25. KingSam

Posts: 1492; Member since: Mar 13, 2016

Wow surprised to see Documents. I love that app.

32. cezar

Posts: 1; Member since: Oct 25, 2019

I think is another app in question and not the Documents app developed by Readdle Inc. which seems to be a legit one.

27. tbreezy

Posts: 115; Member since: Aug 11, 2019

Luckily if anything affects us iOS users the majority of us can get an update at the same time and not have to wait for an OEM and Carrier :D This is nothing and it seems Apple has already cleared most of them. This part made for an interesting read though: “ It should also be pointed out that the same developer has 28 apps listed in the Google Play Store, although none of them communicate with the C&C server. However, keep in mind that AppAspect Technologies has listed infected Android apps in the Google Play Store in the past and they were removed by Google. The apps were subsequently republished and are now apparently clean, according to Wandera.” LOL.

28. tedkord

Posts: 17452; Member since: Jun 17, 2009

ADF in the HOUSE!

33. koioz

Posts: 177; Member since: Nov 29, 2018

" it seems Apple has already cleared most of them" You can't even prove your assumption. Read again the article and realize that not Apple itself found those malicious apps. Then how can you conclude that most of them are cleared? Stop proving the myth that isheeps are bunch of d***h***s. You're a shame to Apple community.

35. tbreezy

Posts: 115; Member since: Aug 11, 2019

Maybe you should go back and read the article: “ Wandera notes that when its Threat Research team discovered the vulnerability, it automatically spoke with Apple, which removed 15 of the apps. The only two that remain listed in the App Store are My Train Info – IRCTC & PNR and Easy Contacts Backup Manager.” Apply your last 2 sentences to yourself. :) cheers!

36. koioz

Posts: 177; Member since: Nov 29, 2018

Can't get my point? There are millions of apps in the appstore, these malware are like cancer cells scattered everywhere. Are you sure that only 17 apps up there having this type of issue? We don't know if there are hundreds of them or thousands of them still inside the store. Apple failed to discover these malware in the first place (because Wandera found it, not Apple itself). How can you prove that most of them are cleared by apple? One type of bad app right now are some Loan apps which charge ridiculous interest. Google have started cracking those, and Apple doesn't started a move. We all know that Appstore have better reputation than google play and Apple should maintain that good reputation.

37. tbreezy

Posts: 115; Member since: Aug 11, 2019

I am talking about the apps in the subject topic dude, we cannot talk about other malware as we cannot quantify how much there is or isn’t of it, but what Apple were told about they have cleared most of it, exactly as stated in the article. You really want to argue about things that we cannot even measure? Go ahead :’D

* Some comments have been hidden, because they don't meet the discussions rules.

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.