Apple iPhone users yesterday were warned to check their devices against a list of malicious apps disclosed in a report from security company Wandera. Apple has now confirmed the removal of these apps and says App Store security tools have updated to detect similar apps.
Seventeen malicious iPhone apps have been removed from the Apple App Store after being found to click on adverts secretly, generating income for cyber criminals.
Uncovered by researchers at security company Wandera, the 17 applications cover a range of categories including productivity, platform utilities, and travel. All 17 were found to be communicating with the same command-and-control server, which uses strong encryption in an effort to hide investigation into the malicious activity.
“We believe these apps bypassed the Apple vetting process because the developer didn’t put any ‘bad’ code directly into the app. Instead, the app was configured to obtain commands and additional payloads directly from the C&C server, which is outside of Apple’s review purview,” said Michael Covington, VP of product strategy at Wandera.
In an email to ZDNet, Apple confirmed that the offending applications have been removed from the App Store and that security tools have been updated to detect similar apps being uploaded in future.
MacDailyNews Take: This sort of patch-and-repair for the Walled Garden, making it stronger, is a Good Thing™ for all of us in the long run!