Apple and Google remove 50+ malicious apps that stole your data
Apple and Google have cumulatively removed over 50 apps from their respective mobile app stores that were found serving malicious ads to millions of users.
The findings were were disclosed separately by London-based mobile security firm Wandera and Slovakian security solutions provider ESET.
Once installed, the appdidnt just serve disruptive fullscreen ads, butalso connected to a remote server to send details about the infected device: device type, OS version, language, number of installed apps, free storage space, battery status, whether the device is rooted and Developer mode enabled, and whether Facebook and FacebookMessenger are installed.
The Andoid apps also had one other clever trick up their sleeves: geofencing Googles IP addresses to hide the adware behavior so that it would bypass Google Play security checks.
Although the malware-infested apps been removed from Google Play, itspossible theyre available on third-party app stores or already installed on peoples phones.
Malicious apps have continued to plague official app stores both for iOS and Android, as smartphones haveproven to be a lucrative attack surface for criminals to carry out highly targeted campaigns.
Techniques like those used in this example also point to more instances of malware being introduced into official app sources, making it more accessible to everyday consumers and mobile workers alike, Wandera said.
Although Apple and Googles official app stores are the safest places to download apps, malware-ridden apps have found one way or the other to get around the security checkpoints and slide into the platforms.
We use cookies and analyse traffic to this site. By continuing to use this site, closing this banner, or clicking "I Agree", you agree to the use of cookies. Read our privacy poplicy for more information.