Despite Apple’s claims that the App Store is “a safe place to trust,” it seems that some developers are still finding ways to bypass the company’s verification process in order to spread fraudulent apps to iPhone, iPad, and Mac users. This time, a researcher known as “Privacy1St” (Alex Kleber) shared a report about several Chinese apps that scammed the App Store review team.
Apps can fool the App Store review team
The report was published in a Medium post and was also backed by a security researcher and former NSA official. Patrick Wardle. The investigation examined seven different Apple developer accounts allegedly operated by the same Chinese developer. These apps, according to the report, violate App Store policies in various ways.
As the researcher notes, most of these applications contain hidden malware that can receive commands from the server. Thus, the malicious code waits for the app to be approved by the App Store before it is launched. This method allows developers to remotely change even the entire interface of the application so that Apple sees a completely different application than the one that will be sent to users.
While the apps were released by different developer accounts, they all link to domains using services like Cloudflare and Godaddy to hide their hosting provider. Interestingly, the privacy policy website of these applications redirects users to public web pages created with Google Sites.
Another aspect of these apps’ code that ties them to the same developer is that they all use the same password to decrypt the JSON file used to mislead the App Store review team. In some cases, this developer released virtually the same app under different accounts so that those apps could reach and fool even more users.
Fake reviews and more
As noted in the report, one of these apps is PDF Reader, which was listed as one of the most downloaded apps on the Mac App Store in the US. Once downloaded, the app tricks users into paying for a subscription plan. But the whole scheme goes way beyond that, as all of these apps have a suspicious amount of positive reviews among the negative reviews claiming the apps don’t work.
Of course, these positive reviews are fake and bought by the developer to make regular users believe that the app is legit. Since the report was published, Apple has removed most of the fake reviews for these apps. Some malicious apps also appear to have been removed from the Mac App Store.
Apple said last month that the App Store stopped “nearly $1.5 billion in fraudulent transactions in 2021” thanks to the App Store review team. However, this is not the first or second time that researchers show that the App Store is still very susceptible to fraudulent apps. Meanwhile, Apple continues to say that the process of downloading unpublished applications is the real enemy of users.
Similar
The post Researcher reports fraudulent apps on the App Store appeared first on Gamingsym.