Despite Apple’s claims that the App Store is a “safe place you can trust,” it seems that some developers still find ways to bypass the company’s review process to distribute fraudulent apps to iPhone, iPad, and Mac users. This time, a researcher identified as “Privacy1St” (Alex Kleber) has shared a report about multiple Chinese apps that have fooled the App Store review team.
Apps can trick the App Store review team
The report was shared in a post on Medium and was also supported by security researcher and former NSA staffer Patrick Wardle. The investigation examined seven different Apple developer accounts that are allegedly managed by the same Chinese developer. These apps, according to the report, abuse the App Store guidelines in many different ways.
As noted by the researcher, most of these apps contain hidden malware that can receive commands from a server. This way, the malicious code stays dormant until the app has been approved in the App Store and only then goes live. This technique lets developers change even the entire app interface remotely, so that Apple sees a completely different app than the one that is shipped to users.
Another aspect of these apps’ code that connects them to the same developer is that they all use the same password to decrypt a JSON file used to mislead the App Store review team. In some cases, this developer has released basically the same app under different accounts, so that these apps can reach and trick even more users.
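The shared decryption password is the kind of artifact that lets an analyst tie apps published under separate developer accounts back to one author. As an added example (not code from the report), the Python below clusters accounts by the string constants their apps have in common; the account names, app names, strings and the baseline set are all constructed for illustration.

```python
from collections import defaultdict

# Constructed sample: string constants extracted from app binaries,
# keyed by (developer_account, app_name). Every value here is invented.
SAMPLE_APPS = {
    ("acct-A", "PDF Reader"): {"NSUserDefaults", "cfg.json", "constructed-shared-passphrase"},
    ("acct-B", "Doc Scanner"): {"NSUserDefaults", "constructed-shared-passphrase", "cfg-host.example.invalid"},
    ("acct-C", "File Viewer"): {"NSUserDefaults", "cfg-host.example.invalid"},
    ("acct-D", "Notes"): {"NSUserDefaults", "notes.sqlite"},
}
# Strings seen in unrelated apps (framework symbols and the like); assumed known.
BASELINE = {"NSUserDefaults"}

def linking_strings(apps, baseline, min_accounts=2):
    """Map each non-baseline string to the developer accounts whose apps embed it."""
    seen = defaultdict(set)
    for (account, _app), strings in apps.items():
        for s in strings - baseline:
            seen[s].add(account)
    return {s: accts for s, accts in seen.items() if len(accts) >= min_accounts}

def cluster_accounts(apps, baseline):
    """Group accounts with union-find: two accounts join when they share a linking string."""
    parent = {account: account for account, _app in apps}

    def find(a):
        while parent[a] != a:
            parent[a] = parent[parent[a]]  # path halving
            a = parent[a]
        return a

    for accts in linking_strings(apps, baseline).values():
        first, *rest = sorted(accts)
        for other in rest:
            parent[find(other)] = find(first)

    groups = defaultdict(set)
    for account in parent:
        groups[find(account)].add(account)
    # Largest cluster first, then alphabetical, for a stable report order.
    return sorted((sorted(g) for g in groups.values()), key=lambda g: (-len(g), g))

if __name__ == "__main__":
    for s, accts in sorted(linking_strings(SAMPLE_APPS, BASELINE).items()):
        print(f"{s!r} shared by {sorted(accts)}")
    print(cluster_accounts(SAMPLE_APPS, BASELINE))
```

Note that acct-C never embeds the passphrase yet still lands in the cluster, because it shares a second constant with acct-B; transitive links like this are why the grouping uses union-find rather than a single-string match.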
Fake reviews and more
As noted by the report, one of these apps is a “PDF Reader” that was listed as one of the most downloaded apps in the US Mac App Store. Once downloaded, the app tricks users into paying for a subscription plan. But the whole scheme goes far beyond this, as all these apps have a suspicious number of positive reviews amidst negative reviews claiming that the apps don’t work.