Since inception App Store for mobile devices and Mac App Store for computers Apple claims this is the safest way to download apps to devices. At the same time, the owners of iPhones and iPads have no other options to get the right application. In this regard, poppy drives are in a more advantageous position. Apple does not restrict them from where to download software. At the same time, some basic programs by type PDF readers documents are much more convenient to download from Mac App Store.
Attackers come up with more and more sophisticated ways to bypass moderation in the App Store.
ПОДПИШИСЬ НА НАШ ЯНДЕКС.ДЗЕН. ТАМ КАЖДЫЙ ДЕНЬ ВЫХОДЯТ ЭКСКЛЮЗИВНЫЕ СТАТЬИ, КОТОРЫЕ НЕ ВЫХОДЯТ БОЛЬШЕ НИГДЕ
However, the security of the app store turned out to be imaginary. Recently, a large number of programs have begun to appear that are moderated and inject malicious code onto the computer. Let’s see how this happens and how it can be fraught with users.
Viruses on Mac
The Mac App Store is handy for downloading and updating small apps like Shazam.
Those who have been using for years Apple devices, are used to the fact that the company is trying its best to take care of their safety. This has become especially noticeable in recent years. Operating systems are getting more and more features that are aimed at protecting the personal data and privacy of users. In this situation, the news that moderation in Mac App Store can be easily deceived, they look intimidating.
The new schema looks like this. Hidden malware is added to the application, which can receive commands from some server. Until the application is approved, it does not give itself away in any way. As soon as all stages of moderation are over and the program enters Mac App Store, the code is run. After that, developers can remotely change any component of the application, up to the interface. In this way, Apple I saw and approved one program, and users received a completely different one.
Developer 1.1.1.1 servers are used to promote malware.
To hide the source of this code, all commands go through servers cloudflare – famous developer VPN service 1.1.1.1 and GoDaddy. Thus, where the application receives commands from and where it sends the stolen data is hidden. And most importantly, the privacy policy of such programs refers to public web pages.
ПОДПИШИСЬ НА ТЕЛЕГРАМ-КАНАЛ СУНДУК АЛИБАБЫ, ЧТОБЫ ПОКУПАТЬ ТОЛЬКО ЛУЧШИЕ ТОВАРЫ С АЛИЭКСПРЕСС
But the most interesting thing is not that. One such application is the now-deleted “PDF Reader”. After downloading, it offered users to pay for a special subscription, and after payment, it simply didn’t work corny. Naturally, the program received a huge amount of negative feedback. However, for every bad one, several dozen good ones immediately appeared. And the app received a rating close to five stars. Naturally, all positive reviews are very similar to those bought: written in a neat literary language, with the arrangement of all punctuation marks.
Unfortunately, when downloading, we most often focus only on the rating and rarely read reviews. Therefore, this variant of deception works very well. At the same time, subscribing to the missing functionality is not the worst thing that can happen. Such programs can download malicious code to users’ devices and steal logins, passwords, bank card details, and other personal data. Apple searches for such applications, but, unfortunately, it is not possible to identify them all at once.
Malware on iPhone
Maybe the regular App Store isn’t as secure as they say?
In this regard, Cupertino’s position regarding App Store for mobile devices. Safety is the main argument in the fight Apple with the governments of various countries who want to get the company access to iOS and iPadOS third party app stores. After such news, there is no longer any unequivocal confidence in the security of branded application stores. And most importantly, it is not clear whether it is possible for the same programs to get into normal App Store.
Taking into account the fact that there are much more developers who want to place their applications there, as well as applications for the iPhone and iPad, it takes much less time to moderate one such program. Therefore, the probability of missing a malicious application is several times higher. Appleit seems that in order to maintain the trust of users, it is necessary to hire programmers to check all the software that wants to get into App Store. Moreover, it will be necessary to dissect the program code in order to find a threat to consumers in it.
ПОДПИШИСЬ НА НАШ ТЕЛЕГРАМ-ЧАТ И ЗАДАВАЙ ВОПРОСЫ НАШИМ АВТОРАМ, НА КОТОРЫЕ ОНИ ОБЯЗАТЕЛЬНО ОТВЕТЯТ
If Cupertino does not resort to a more in-depth method of checking software, then soon users will no longer trust Mac App Store. And the most convenient option to install the necessary software will be downloading from the developers’ sites. Let’s hope that in Apple adequately realize the scale of the tragedy and start doing something. Otherwise, the word “security” will soon simply cease to be associated with Appleand huge reputational costs will follow. I would like to believe that none of us will encounter such applications and will not lose any important data. Therefore, before downloading or paying for any subscriptions, be sure to read all reviews, including negative ones. This will help you save your money and nerves.
The post How to deceive Mac users | AppleInsider.ru appeared first on Gamingsym.