Mobile, News

Over a dozen iPhone apps found to be infected with Golduck malware

Shaheryar Ehsan Written by Shaheryar Ehsan ·  57 sec read >

Security researchers have found that over a dozen apps available for iOS have been infected with a malware whose primary target previously was Android devices. Golduck has been around since the last year and it used to infect retro games by silently embedding backdoor code for payload. The situation went so grave that more than 10 million users were affected by the malware.

The breach was found on 14 iOS apps by Wandera, a security enterprise firm. They found that the apps were communicating back and forth with the same server used by the malicious apps previously. According to Michael Covington, Wandera’s VP of Product:

The [Golduck] domain was on a watchlist we established due to its use in distributing a specific strain of Android malware in the past. When we started seeing communication between iOS devices and the known malware domain, we investigated further.

Given below is a list of apps affected:

Their analysis is available here in a blog post. TechCrunch also verified their claims by the running the app through a proxy on a clean iPhone to see where the data goes. It turns out, the apps do communicate with the malicious server. If you have any of the above-listed apps, you should remove them straight away to avoid any problems.

Written by Shaheryar Ehsan
Content Team Lead. Blogger, Content Developer, Social Media, and SEO Expert. Reach out: Profile