Latest in Gear

Image credit:

Over a dozen iPhone apps talked to a known malware server

The apps themselves appeared to be safe, but might have been risky later.
Jon Fingas, @jonfingas
January 7, 2019
Share
Tweet
Share

Sponsored Links

Chris Velazco/Engadget

Apple's App Store has generally had fewer security concerns than the Google Play Store, but that hasn't stopped questionable apps from slipping through the cracks. Security researchers from Wandera have discovered 14 games that all communicated with the same server used to control Golduck malware for Android. While the apps themselves appeared innocuous, they were loaded with ads. It would have been feasible to use ads to trick users into granting permission for malware installed outside the App Store, Wandera told TechCrunch.

Apple hadn't commented when TechCrunch reached out, but access to the apps is now limited. They were still on the App Store, but were listed as unavailable in the US.

It's relatively easy for Apple to address an incident like this by removing the apps. However, this could leave a significant number of potential victims if the creators decide to push malware. Sensor Tower estimated that the 14 apps had been downloaded nearly 1 million unique times. That's a lot of potential infections, even if only a fraction of that group taps links to malware. All told, the findings are another reminder to download only those apps you know you can trust, even if the store operator is normally good about screening rogue software.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
Tweet
Share

Popular on Engadget

A number of first-party Nintendo Switch games are on sale at GameStop

A number of first-party Nintendo Switch games are on sale at GameStop

View
Tom Hanks: 'Absolute heartbreak' that 'Greyhound' won't debut in theaters

Tom Hanks: 'Absolute heartbreak' that 'Greyhound' won't debut in theaters

View
Facebook is shutting down its Pinterest-like experimental app

Facebook is shutting down its Pinterest-like experimental app

View
Microsoft and Bridgestone launch real-time tire damage system

Microsoft and Bridgestone launch real-time tire damage system

View
‘Assassin’s Creed Valhalla’ gameplay footage surfaces in leaked videos

‘Assassin’s Creed Valhalla’ gameplay footage surfaces in leaked videos

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr