Are you  an avid game player on your smartphone? Trust but verify when you install new apps. Although you may be tempted to rely on the App Store review team to showcase only secure apps, many vulnerabilities can be hidden well enough to slip through even Apple’s  rigorous app review process. Don’t fall for a trap. Stay aware of the latest hacker tools and techniques being used to steal your data.

Recently, fourteen retro game apps on the App Store were deemed compromised  and known to expose user data such as IP addresses, location and device information, as well as app and version data. Reportedly downloaded more than 1 million times, the infected apps also displayed fake ads on the main screen, presenting content from a malicious server. Even more impressive, the app also transferred data to a command-and-control server (C&C) previously related to Golduck malware, a famous Android app attack. Once compromised, the infected  devices can be used as backdoors and potentially cause more damage by enabling hackers to display phishing links and redirect users to install additional malicious apps.

Why are command and control servers so dangerous?

They send commands to a mobile phone, computer or IoT device infected with malware (like Golduck) or ransomware to create powerful networks or botnets. The botnets powered by infected devices can steal data, delete or encrypt data, or run denial-of-service attacks (DDoS).

In 2017, Golduck malware was used as an adware distribution platform on multiple Google Play store apps. The infected apps silently downloaded a file with malicious code enabling undetectable downloads of additional apps from the Golduck server.

All the iOS apps that used Golduck's C&C servers for adware distribution and data collection have been removed from the App Store. We’ve listed the malicious game apps  below. If you have any of the following apps installed on your phone - remove them immediately:

  1. Commando Metal: Classic Contra

  2. Super Pentron Adventure: Super Hard

  3. Classic Tank vs Super Bomber

  4. Super Adventure of Maritron

  5. Roy Adventure Troll Game

  6. Trap Dungeons: Super Adventure

  7. Bounce Classic Legend

  8. Block Game

  9. Classic Bomber: Super Legend

  10. Brain It On: Stickman Physics

  11. Bomber Game: Classic Bomberman

  12. Classic Brick – Retro Block

  13. The Climber Brick

  14. Chicken Shoot Galaxy Invaders

To stay safe and not fall for scams and malware infections:

  • Only install the apps you need.

  • Prior to installing - research the official app sites and read reviews carefully.

  • Don’t click on random links in any  apps.

  • Get Fyde app on your device - automatically block malware threats before they access your data .