contador web Saltar al contenido

App Store retro games were connecting to malicious server

From time to time, we talk here about apps that get screened by the App Store approval team and pose (or pose) real security threats to their users. Another important and more difficult aspect to control is that of applications that display advertisements and may, long after their approval, display advertising on untrustworthy servers.

This is exactly what happened with 15 retro games available from Ma's app store. The titles, which include relatively popular names like Block game and Classic Bank vs Super Bomber, were discovered by security firm Wandera communicating with a malicious server that was previously used to spread Android malware called Golduck.

Block Puzzle, iOS game that communicated with malicious server

Communication with the server in question was only used to display advertisements, but Wandera found that apps were sending sensitive information, such as users' IP addresses and, in some cases, even location data, which is obviously not common for unpretentious little games.

The malicious server itself appears to be "clean" at the moment, being used only for advertising, but nothing would prevent it from being changed in the future to again spread malware this time to iPhones users. As the researchers stated, "A hacker could easily use the advertising space to display links that redirect the user and lead them to install profiles or certificates that in turn would allow the installation of malicious apps."

Wandera has notified Apple of the issue, and all apps are currently unavailable for download. Just them:

  • Commando Metal: Classic Contra
  • Super Pentron Adventure: Super Hard
  • Classic Tank vs Super Bomber
  • Super Adventure of Maritron
  • Roy Adventure Troll Game
  • Trap Dungeons: Super Adventure
  • Bounce Classic Legend
  • Block game
  • Classic Bomber: Super Legend
  • Brain It On: Stickman Physics
  • Bomber Game: Classic Bomberman
  • Classic Brick Retro Block
  • The Climber Brick
  • Chicken Shoot Galaxy Invaders

If you have one or more of the above titles installed on your deviceIt might be a good idea to get rid of them at least until further notice. Attention, always!

via TechCrunch