A compromised iPhone App was found to be using malware to infect users by calling 22 known malicious domains.
Researchers at The Media Trust discovered that a compromised iPhone app which had been downloaded by millions across the globe was infecting user devices with persistent malware hidden within the ad’s style sheet which called the malicious servers to deliver payloads.
The app activates and calls the malicious domains as soon as its opened and will redirect the user out of the application itself and into the malicious site or to a phony reward popup or survey. Users unable to close the malicious app would be delivered the payload.
The malware made its way into the malicious app via a small Demand Side Platform (DSP) with a poor reputation for vetting ads and was embedded in the style sheets and loaded in the background to elude users and anti-malware.