Apple quietly removed 17 sketchy apps from the App Store for delivering malware. All made by one developer based in India, the apps secretly generated money by clicking ad links and opening background windows without users’ knowledge.
Although less malicious than some other malware, the apps still threatened to slow down devices or drain batteries.
Security company Wandera discovered the malicious apps, with titles like RTO Vehicle Information, EMI Calculator & Loan, and CrickOne – Live Cricket Scores. Altogether, the developer in question published 51 apps to the App Store. The remaining apps are seemingly still active.
“We believe these apps bypassed the Apple vetting process because the developer didn’t put any ‘bad’ code directly into the app,” said Michael Covington, VP of product strategy at Wandera. “Instead, the app was configured to obtain commands and additional payloads directly from [a command-and-control server] server, which is outside of Apple’s review purview.”
Malware slips by Apple’s App Store review process
Apple reviews all apps before allowing them in the App Store. The company famously uses human curators rather than relying on bots, generally yielding great results. Still, sometimes malware slips through. And occasional high-profile bans leave Apple open to criticism for its somewhat opaque app review process. Meanwhile, the company faces antitrust scrutiny for its App Store practices.
Apple confirmed to ZDNet that it removed the malicious apps. In the wake of the apps’ removal, Wandera said users should exercise caution and common sense before downloading apps. “We recommend taking some extra time to research an app before downloading it,” Covington said. He suggested that users look at app reviews to help determine if an app looks dodgy. Doing just a little bit of due diligence can pay off.
Hopefully, Cupertino, too, can take proactive steps to stop similar abuses from occurring in the future.