Apple removes 15 clickware infected apps from App Store made by an Indian developer

We’ve heard about mobile applications infected with malware on Android smartphone but now it seems that Apple is also not behind in this department. As per the report from mobile security firm Wandera, 17 applications on the Apple App Store have been affected by Clickware.

Apple-App-Store-e1572014887692

Apple has removed 15 applications of those 17 from the App Store and is said to be investigating the fate of the other two. Here’s the list of infected applications:

List Of Infected Apps

  • RTO Vehicle Information
  • EMI Calculator & Loan Planner
  • File Manager – Documents
  • Smart GPS Speedometer
  • CrickOne – Live Cricket Scores
  • Daily Fitness – Yoga Poses
  • FM Radio – Internet Radio
  • My Train Info – IRCTC & PNR
  • Around Me Place Finder
  • Easy Contacts Backup Manager
  • Ramadan Times 2019
  • Restaurant Finder – Find Food
  • BMI Calculator – BMR Calc
  • Dual Accounts
  • Video Editor – Mute Video
  • Islamic World – Qibla
  • Smart Video Compressor

Notably, all of these 17 infected apps are published by AppAspect Technologies Pvt. Ltd., which is a Gujarat-based app development company.

These apps contain malware designed to open web pages or click on advertisements in the background without interaction or knowledge of the user. With such actions, the company aims to generate revenue every time an ad is clicked on.

Wandera, the company which published the report, also points out that it can be used to financially cripple a competitor by clicking on ads to hike the amount of money owed to an ad network.

In this case, the apps use a C&C server (Command & Control) which is like having a backdoor placed inside an app. Through this, it can distribute ads, send commands and even payloads. This is done through encrypted communications between the app and the server.

In a statement, Apple confirmed the apps were removed from the App Store, though it said that they did not contain the trojan malware but the company removed the apps for “including code that enabled the artificial click-through of ads.” Further, Apple added that they have updated their tools to detect future submissions of these types of apps.