According to experts, Apple’s App Store is the most secure online store. The staff reviews apps in the most meticulous way and any potential threats are eliminated as soon as possible. They claim Google’s Play Store can’t compete with it in that regard. However, recently, independent researchers have located as much as 14 apps for iPhone that communicate with a C&C server with a malware known as Golduck.
This malware is known to infect the most popular game apps. Initially, Golduck’s traces were detected on Google Play a little over a year ago. Appthority, the company that found this threat, claimed that it had the ability to compromise the affected devices and even open doors for severe attacks. Right now, none of the apps (games) are available on the App Store. However, over one million users have already downloaded and installed them.
Why iPhone Users Should Feel Concerned?
It is important to note that while Golduck is, indeed, bad news, it doesn’t infect the gadgets per se. What it does is gather all kinds of info on the user and send it to the server. The info includes:
- What app, and which version the user is running
- What kind of a device he/she owns
- The original IP address of that device
- How many ads are being displayed on the Smartphone
- Sensitive location details
Another critical note: these dangerous apps haven’t been hacked or compromised yet. But, hackers from all over the globe can take advantage of the ad space, as Appthority mentioned a year ago. To put it simply, while all those apps are dangerous, in the future, they’ll probably pose an even greater threat. On Android, Golduck-infected apps were capable of creating backdoors through which the hackers installed profit-generating malware.
Sending premium SMS messages and even blackmailing the original user was some of the most popular applications of Golduck. When this threat was discovered, over 10 million were already affected. Here is the list of all the App Store games that are linked to the same malicious server:
- Block Game
- Bomber Game: Classic Bomberman
- Bounce Classic Legend
- Brain It On: Stickman Physics
- Chicken Shoot Galaxy Invaders
- Classic Bomber: Super Legend
- Classic Brick – Retro Block
- Classic Contra
- Classic Tank vs. Super Bomber
- Commando Metal
- Roy Adventure Troll Game
- Super Adventure of Maritron
- Super Pentron Adventure: Super Hard
- The Climber Brick
- Trap Dungeons: Super Adventure
If any of these games are still on your iPhone, you should immediately get rid of them. The same is true for any other device running on iOS. We already learned what this kind of iPhone malware is capable of. Now let us talk about all the measures the regular users can take to protect themselves from any malicious apps in the future.
How to Protect Your iPhone from Suspicious App?
As mentioned in the beginning, Apple’s and Google’s stores are some of the most secure ones. Most of the time, you won’t have any problems with the apps you download from there. Yet, some handy developers can (and sometimes, they do) sneak in some suspicious apps that make their way onto the devices of the users.
With that said, you should always be careful and conscious about the apps you download. Unless you’re absolutely sure they are safe, don’t even think about using them. Think of it this way: it’s better to pass through a couple of excellent apps rather than have to deal with an infected gadget. Here’s what you can do for further protection:
- Always check the developer. We’re talking about verifying the name of the developer of the app(s). The best way to approach this: use Google to find out the original developer.
- Go over user and expert reviews. The best apps in the stores have tons of user reviews. And, several respected international experts on the Internet will tell you exactly which apps can be trusted and which are a bit shady. Again, if the users/experts aren’t 100% confident that a given app is safe, don’t ever download it.
- Update your device. The engineers and programmers working on iOS are continually improving it. The latest updates are your best weapon against any malicious apps. That’s especially true for the newer threats that the older versions of the OS simply won’t be able to detect and eliminate.
Add an Extra Layer of Protection
A VPN is an excellent tool for improving your security against malware attacks like the ones we’ve been discussing earlier. A VPN (Virtual Private Network) encrypts the user’s data and routes all of his/her traffic through its line-up of servers. That way, third parties can no longer monitor your activity online or steal any personal data.
When a VPN is active, no malicious apps will ever be able to connect to their C&C (Command & Control) servers. And without that connection, it will be impossible for the hackers on the other side to take over your device. Currently, ExpressVPN is the best VPN for iPhone, but NordVPN and CyberGhost are also great services.
These are fast, reliable, and secure, not to mention they offer some impressive yearly plans. Also, NordVPN and CyberGhost offer 7-day free trials, while ExpressVPN is only good for a 30-day MBG (Money-Back Guarantee).
Avoiding suspicious apps, keeping up with the latest developments, updating OS/device, and using a VPN – that’s what any modern-day iOS user should be doing. While malware on iPhone is a pretty rare thing, there are still some threats waiting for you at the Apple App Store. Hopefully, after reading this post, you’ll be able to protect yourself better in the future.