[eridius]

It would make sense to target both.

[Cyph0n]

Who's to say they haven't already?

[bobsam]

From the article: "The company develops mobile apps for both Android and iOS platform"

The apps are probably removed from both stores by now so we will never know ;)

[eridius]

They develop apps for both, but that doesn't necessarily mean they had the same adware in the iOS version.

[bobsam]

But why not? This is not some complex exploit, just standard JavaScript.

I saw the same attitude after the xcode backdoor. "There is no reason to believe any personal data has been affected", well if apple didn't even knew this thing existed how could they possibly know if it was activly used??

Edit: according to reddit apple just pulled all apps made by these guys. Not a proof of anything but still something to consider

[eridius]

The simple reason is if they thought that App Review might catch their shenanigans then they might decide to not do it on iOS, because being caught means having their apps pulled. I'm not surprised that Apple pulled their apps anyway, it's what I'd expect of them since they've demonstrated a willingness to put adware in their apps, even if it was only on Android.

So basically, maybe they put the adware in the iOS apps, maybe they didn't, but we can't tell from the article. But one would think that if they did, the article might have mentioned that, because it's a much better story to say "malware in the iOS app store" than it is to say "malware in the Google Play store".

[bobsam]

I don't understand your comment. Apple and Google have the same mostly-automatic approval process.

(You didnt think apple would manually inspect billions of apps and their updates? 2 weeks per app * 1 billion apps * 3 updates = 115 million man years)