Click to Skip Ad
Closing in...

These 10 iPhone apps are actually adware, so delete them now

Published Sep 27th, 2022 4:45PM EDT
Apple's App Store running on iOS 11.
Image: Apple

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

We often write about malicious Android apps on Google’s Play Store, but Apple’s App Store is typically more secure. Of course, that doesn’t mean that it’s impenetrable, as we’ve noted in the past. Dangerous apps do occasionally sneak through Apple’s app review process, and HUMAN’s Satori Threat Intelligence & Research team discovered ten such apps this month. Delete them ASAP if you’ve downloaded any iPhone apps on this list.

A short history lesson: HUMAN’s security threat team found a collection of over 40 Android apps in August 2019 committing advertising fraud. They named the investigation Poseidon after the malicious code they found in the apps.

Over a year later, in late 2020, the team reported on a “second wave” of ad fraud apps. They dubbed this new wave Charybdis, which is one of Poseidon’s offspring in Greek mythology. Now, nearly two years after that, a third wave has arrived: Scylla.

Delete these fraudulent iPhone apps ASAP

Scylla is yet another advertising fraud operation, but this one targets both iOS and Android devices. The team found 85 apps — 10 on iOS and 75 on Android — with malicious code. If you have any of these apps on your iPhone, delete them now:

  • Loot the Castle – com.loot.rcastle.fight.battle (id1602634568)
  • Run Bridge – com.run.bridge.race (id1584737005)
  • Shinning Gun – com.shinning.gun.ios (id1588037078)
  • Racing Legend 3D – com.racing.legend.like (id1589579456)
  • Rope Runner – com.rope.runner.family (id1614987707)
  • Wood Sculptor – com.wood.sculptor.cutter (id1603211466)
  • Fire-Wall – com.fire.wall.poptit (id1540542924)
  • Ninja Critical Hit – wger.ninjacriticalhit.ios (id1514055403)
  • Tony Runs – com.TonyRuns.game

These apps employed a variety of ad fraud schemes, including spoofing bundle IDs to make advertisers think they were different apps, showing ads so that users can’t actually see them on the display, and faking clicks on ads to make more money.

The good news is that the team worked with Apple and Google to remove the malicious apps listed on its website from both app stores. That said, HUMAN believes that this is an ongoing attack, which means more dangerous apps could pop up in the coming weeks and months. Always be diligent when downloading new software.

Jacob Siegal
Jacob Siegal Associate Editor

Jacob Siegal is Associate Editor at BGR, having joined the news team in 2013. He has over a decade of professional writing and editing experience, and helps to lead our technology and entertainment product launch and movie release coverage.