More than a dozen iOS apps infected with clicker trojan malware were found to be distributed via Apple’s App Store. These apps were used to perform ad fraud tasks for their developers.
Which are the infected apps?
Discovered by researchers from Wandera, the group of 17 infected apps covers different categories including productivity, platform utilities, and travel. The affected apps are:
Except for ‘My Train Info -IRTC & PNR’, all other apps are published on the App Stores in various countries by the same developer named AppAspect Technologies Pvt. Ltd.
What are the capabilities of clicker trojan?
Connected to an Android ad fraud campaign
Wandera researchers confirmed that the C2 server used by this iOS clicker trojan is similar to the one used in a recent Android ad fraud discovered by researchers at Dr. Web.
Dr.Web researchers had reported a very similar clicker trojan campaign affecting Android users. The malware was dubbed as Android.Click.312.origin and Android.Click.313.origin. These trojans were available in over 33 apps distributed through the Google Play Store.
What has Apple done?
Apple has taken down all the compromised apps, except for two - My Train Info – IRCTC & PNR and Easy Contacts Backup Manager. It will continue to monitor the activities of these apps.