Researcher reports fraudulent Chinese apps on the Mac App Store

August 4, 2022, by Filipe Espósito

Despite Apple’s claims that the App Store is a “safe place you can trust,” it seems that some developers still find ways to bypass the company’s review process to distribute fraudulent apps to iPhone, iPad, and Mac users. This time, a researcher identified as “Privacy1St” (Alex Kleber) has shared a report about multiple Chinese apps that have fooled the App Store review team.

Apps can trick the App Store review team

The report was shared in a post on Medium and was also supported by security researcher and former NSA staffer Patrick Wardle. The investigation examined seven different Apple developer accounts that are allegedly managed by the same Chinese developer. These apps, according to the report, abuse the App Store guidelines in many different ways.

As noted by the researcher, most of these apps contain hidden malware that can receive commands from a server. This way, the malicious code waits for the app to be approved in the App Store before it goes live. This technique lets developers change even the entire app interface remotely so that Apple will see a completely different app than the one that will be shipped to users.

Although the apps were released by different developer accounts, they all establish communications with domains using services like Cloudflare and GoDaddy in order to hide their hosting provider. Interestingly, the Privacy Policy website of these apps redirects users to public webpages created with Google Sites.

Another aspect of these apps’ code that connects them to the same developer is that they all use the same password to decrypt a JSON file used to mislead the App Store review team. In some cases, this developer has released basically the same app under different accounts, so that these apps can reach and trick even more users.

Fake reviews and more

As noted by the report, one of these apps is a “PDF Reader” that was listed as one of the most downloaded apps in the US Mac App Store. Once downloaded, the app tricks users into paying for a subscription plan. But the whole scheme goes far beyond this, as all these apps have a suspicious number of positive reviews amidst negative reviews claiming that the apps don’t work.

Of course, these positive reviews are fake and bought by the developer to make regular users believe that the app is legitimate. Since the report was published, Apple has removed most of the fake reviews of these apps. Some of the malicious apps also seem to have been removed from the Mac App Store.

Last month, Apple said the App Store stopped “nearly $1.5 billion in fraudulent transactions in 2021” thanks to the App Store review team. However, this is not the first or second time that researchers have shown that the App Store is still highly susceptible to scam apps. In the meantime, Apple keeps saying that the sideloading process is the real enemy of users.
