After successfully hiding from the company’s app review process, Apple confirmed that 17 iPhone malware apps were removed from the App Store.
The apps were all from a single developer, but covered a wide variety of areas, including a restaurant finder, internet radio, BMI calculator, video compressor, and GPS speedometer.
Although there was no direct harm to users of the app, the activity would be to use mobile data as well as potentially slow down the phone and accelerate the drain of batteries.
Wandera said Apple’s review process was evaded by the iPhone malware apps because the malicious code was not found within the app itself, but instead the apps got instructions from a remote server on what to do.
Apple says the method of identifying this approach is improving the app review process.
Android apps were also controlled by the same server. In at least one of those cases, poor Android security meant that more direct harm could be caused by the app.
The apps were all from the technology of AppAspect.
Through sandboxing, iOS protects against this. That app has its own private environment, so it is not possible to access system data or data from other apps if iOS specifically allows and monitors processes. Wandera notes, however, that there were examples of the failure of the sandbox, giving three examples of this.
Wandera is the same company that warned about how to use a Siri feature to phish non-technically knowledgeable users of the iPhone. Apple confirmed that the 17 apps were removed to ZDNet.