Apple Removed 17 Clickware Apps Of Gujarat-Based Firm For Scamming Users

It is such a common thing to discover malicious apps on Google Play Store. But if you ever thought that the App Store of Apple is all safe and secure, you have thought wrong.

Wandera, a mobile security firm, found on Apple App Store 17 malicious apps. All of these are clickware apps which are known for scamming its users to generate advertising revenue.

After receiving the notification from Wadera, Apple immediately wiped out these apps.

What’s surprising is that all these apps are created by a small app development firm from Gujarat named AppAspect Pvt. Ltd. Once users open the app, it opens in the background web pages while clicking on the ads. A backdoor will make a connection to the control and command center, leading to the enable of the webpages' opening and the ads’ clicking. And the user won’t even know anything about it.

In a blog post, Wadera wrote that in these applications, it found a clicker trojan module that was designed for ad fraud-related tasks running in the background like opening web pages continuously or clicking links without the knowledge of the users.

The post further added that by inflating website traffic, most clicker trojans’ will create revenue for on a pay-per-click basis for the attacker. The trojans can also be used for draining a competitor’s budget by artificially increasing the balance that a competitor owes to the ad network.

These apps are also on the Google Play Store but without a similar behavior of those on the Apple App Store.

According to Wandera’s post, the Android apps of AppAspect had been infected before and were taken down from the Google Play Store. After that, they have been republished and do not seem to have with them the malicious functionality. It is unclear whether the developer added the bad code intentionally or unintentionally.

To avoid these malicious apps, you should always install apps that are from trusted sources and read the reviews carefully before installing an app.