Researchers from security firm Wandera have discovered 14 iPhone games that communicated with a server that became infamous for controlling the Golduck malware for Android.
The researchers said the iPhone apps were loaded with ads, which could have duped users into tapping a link and granting permission for malware to be installed from outside the App Store.
"The apps themselves are technically not compromised; while they do not contain any malicious code, the backdoor they open presents a risk for exposure that our customers do not want to take," Wandera told TechCrunch.
"A hacker could easily use the secondary advertisement space to display a link that redirects the user and dupes them into installing a provisioning profile or a new certificate that ultimately allows for a more malicious app to be installed."
Downloaded roughly a million times
Collectively, the apps in question have been downloaded around a million times. However, Apple has now removed them from the App Store. Those who attempt to download them will get a message that says, “not currently available in the US store.”
While this prevents new users from downloading the apps, some iPhone owners may still have the apps on their devices. Here are the 14 different retro games that were recently dubbed risky by Wandera’s Threat Research team:
Commando Metal: Classic Contra
Super Pentron Adventure: Super Hard
Classic Tank vs Super Bomber
Super Adventure of Maritron
Roy Adventure Troll Game
Trap Dungeons: Super Adventure
Bounce Classic Legend
Classic Bomber: Super Legend
Brain It On: Stickman Physics
Bomber Game: Classic Bomberman
Classic Brick - Retro Block
The Climber Brick
Chicken Shoot Galaxy Invaders
“Wandera researchers identified regular communication between the various apps and a Golduck Command & Control server,” the firm said. “Our security researchers discovered a secondary area being used to display ads that are not powered by Admob and instead, present content from a known malicious server.”