14 iPhone apps found to have links to Golduck malware: Researchers

The recent breach in iPhone apps was discovered by Wandera, an enterprise security firm, who claimed the apps were sending data to the same control server used by the Golduck malware.

Published Date
08 - Jan - 2019
| Last Updated
08 - Jan - 2019
 
14 iPhone apps found to have links to Golduck malware: Researcher...

Key Highlights:

  • Over a dozen iPhone apps have been found to be sending data to a server associated with the infamous Golduck malware.
  • The recent breach was found in 14 apps that were sending IP address and location data to the server.
  • Researchers claim even though there is a line of communication, the apps by themselves aren't harmful as of now.

Over a dozen iOS apps are sending data to a server associated with Golduck, a malware known to infect Android apps. Security researchers found around 14 apps, all of which seem to be classic and retro games for iPhones are linked to the malware.

Golduck was discovered by Appthority, a security app for Android devices, after classic and retro games on the Google Play Store was found to have embedded backdoor to allow malicious code to be silently pushed to Android devices. When the malware was first discovered over a year back, around 10 million users were affected. The malware allowed hackers to gain access to features like sending SMS messages to a phone to make money.

The recent breach in iPhone apps was discovered by Wandera, an enterprise security firm, who claimed the apps were sending data to the same control server used by the Golduck malware.

The researchers claimed the apps haven’t really caused any problem for users so far. The Golduck server only pushes a list of icons in an ad-space within the games. The app, upon opening, gets instructions to display the icons  to the user. The affected apps does send user IP address to the server, and in some cases, location data as well. The researchers noted that the apps aren’t doing anything malicious as of now, but since the line of communication is open, it may become harmful down the line.

Related Links:

MysteryBot is a terrifying new Android malware capable of installing banking trojan, keylogger and ransomware on your phone

Digit NewsDeskDigit NewsDesk

The guy who answered the question 'What are you doing?' with 'Nothing'.