Do you trust all the apps that are downloading on your iPhone?
Experts in the field of cybersecurity has found more than a dozen apps for iPhone, secretly interacting with a server associated with Golduck. This malware at the time caused a lot of problems for Android users. Infecting the popular classic gaming applications, Golduck allows attackers to execute arbitrary commands and send SMS from the victim’s phone. About it reports TechCrunch, citing studies Wandera.
The program Golduck is known for more than a year, since, as was first discovered by specialists of Appthority. It transmitted a classic retro game on Google Play by embedding code that allowed quietly to pass malicious data to the device. At the time, Golduck appeared on the gadgets more than 10 million users, which allowed hackers to launch various viral team. Way to make money, the attackers saw, for example, the ability to send SMS messages from the infected smartphone.
Now researchers say that iPhone apps related to malware, can also be dangerous.
Wandera, a company security enterprises, and found 14 of iOS apps that communicate with the same server control and monitoring, used BY the malware Golduck. Applications detected Wandera also look like an innocent retro games. By themselves they are not malicious programs, but offer hackers access to your iOS device the victim. It is known that these apps have been installed nearly one million times since the release, except for re-downloading or installing on different devices. At the time of writing the news all the apps from the App Store removed.
Researchers at Wandera noted that the apps themselves are not technically compromised. But even if they do not contain malicious code, a backdoor, which they open, carries the risk of third party impacts. If the server Golduck sends malicious data to Android users, iPhone users could be next.
TechCrunch ran the app on iPhone net through a proxy server to see where it goes data. It turned out that the app reported malware information about the application, version, device type and IP address.
How to recognize a potentially unwanted application
Below you will find tips, compiled by experts in Wandera that will help to find in the application to potential security risks.
Tip No. 1: bad reviews, inconsistencies, bad user experience
Suspicious application receives a number of bad reviews for a bad user interface. For example, users dissatisfied with a questionable Block Game, noted these points:
- The pause button does not save the game;
- The background music is “annoying”;
- Button adjustments, partially hidden behind the ads in the main menu does not work;
- The only working button is “play”.
Some developers are guilty of writing fake positive reviews. Even if the app looks the popular, the overall rating should not be the only indicator.
Discrepancies are found even in the title of the app appears in the app icon and on the splash screen of the game. For example, the game, came under suspicion Wandera, the icon was listed as a Block Game. And in the clear app was called Block Puzzle .
Tip # 2: too much is
Potentially dangerous the game constantly displays the embedded ads in the application. In Block Game, for example, to display ads on the device used Google’s advertising network Admob, which allowed the developer to monetize the game. Advertising in these apps run even a pause button.
Tip No. 3: dubious developers
Another sign of poor implementation of games focusing solely on monetization and not on user experience or gameplay. Causing the issue app can give a link to the support page, which contains information about a totally different game. Wandera, for example, found that page 14 of retro games pointed to Google sites.
The conclusion, as always in such cases, utterly banal: do not download on your iPhone that you don’t need, and what you can’t trust 100%.
MDlavka — our store for your favorite readers. Technology Apple for the most pleasant prices are waiting for you every day from 10:00 to 21:00. Readers Macdigger.ru discount.