Games on Apple’s App Store connected with a server used to spread malware
A few games on the App Store raised concerns with the digital security company Wandera, TechCrunch reported. The dubious activity that caught Wandera’s attention was that the games, 14 in total and mostly ports of retro/classic games, were communicating with the same server that was used to spread the Golduck malware (malicious software).
Since we’re sure you’re not on a first-name basis with different malware, here’s some more info about Golduck. It was first caught in 2017 in classic games (coincidence?) found on the Google Play store, where it was used to install a piece of software on users’ smartphones. That software would then send SMS text messages to generate revenue for its creators and rack up users’ monthly bills without them ever knowing such activity was happening.
While no wrongdoing was detected at the time the games on the App Store were discovered, with the blacklisted server only being used to display different ads, the experts say that this can be changed at any time to something more sinister. Digging into the games’ activity, the researchers did notice that the games were sending IP and other unusual information about the devices they were installed on. Attempts to reach out to the publishers of the games revealed that the information provided on the App Store leads to dead ends and nonexistent websites.
Apple was informed of the suspicious games, and currently none of them show up when searching the App Store. This is a rare occasion when a potentially dangerous app shows up in Apple’s tightly controlled ecosystem. The company has a pretty good track record when it comes to the safety of the software the App Store offers.