Until recently, dangerous and infected applications were usually located in the app store Play Store of Android of devices. However, it seems like now, online Criminals have spread their nets on and on App Store of Apple, where they have infected Clickware applications that can steal their users' personal data.
Below is a list of 17 infected applications that you should uninstall immediately if you have them on your device:
- RTO Vehicle Information
- EMI Calculator & Loan Planner
- File Manager - Documents
- Smart GPS Speedometer
- CrickOne - Live Cricket Scores
- Daily Fitness - Yoga Poses
- FM Radio - Internet Radio
- My Train Info - IRCTC & PNR
- Around Me Place Finder
- Easy Contacts Backup Manager
- Ramadan Times 2019
- Restaurant Finder - Find Food
- BMI Calculator - BMR Calc
- Dual Accounts
- Video Editor - Mute Video
- Islamic World - Qibla
- Smart Video Compressor
And 17 infected applications, published by an Indian developer called AppAspect Technologies Pvt. Ltd.
How can they affect your device?
These applications exchange commands with a command and control server for targeted advertising. One of the disadvantages of communicating with one C&C server is that it allows applications to bypass security checks, as a direct channel of communication with the attacker is created. C&C channels are the most commonly used to distribute targeted ads and payloads, as they create a "backdoor" in practice.
These applications communicate with a C & C server that develops very strong encryption, which the researchers could not break.
Researchers found that infected applications were gathering information like its model device, the country of residence of the victim and other details of configuration.
What did Apple respond to?
As soon as Wandera researchers discovered the infected applications, they reported it to Apple. In response, Apple has removed all apps from the App Store, except for two - My Train Info - IRCTC & PNR and Easy Contacts Backup Manager.