Arabic Arabic Chinese (Simplified) Chinese (Simplified) Dutch Dutch English English French French German German Italian Italian Portuguese Portuguese Russian Russian Spanish Spanish

Fraudulent Chinese Apps Found to Bypass Security of Mac App Store | #macos | #macsecurity | #hacking | #aihp

Apple claims that its App Store is a “safe place you can trust.” But this claim was put into test as some developers found ways to bypass the company’s security.

According to 9to5Mac, some developers managed to bypass Apple’s review process and distributed fraudulent apps to iPhone, iPad, and Mac users.

Accordingly, a researcher, who was identified as “Privacy1St” (Alex Kleber), has reported that multiple Chinese apps managed to bypass the App Store review team.

(Photo : CHRIS DELMAS / Getty Images)
Apple is giving more opportunities for developers to showcase their apps in the App Store.

Investigation Found That Fraudulent Apps Are Linked to Same Chinese Developer

In an investigation conducted regarding the seven different apps on the Mac App Store, it was discovered that all of them are organized by the same Chinese developer.

The Chinese developer used fake reviews and command-and-control exploits in targeting users, as per iMore report. 

The fraudulent Chinese apps, according to 9to5Mac, inflicted abuse to the App Store guidelines in various ways.

Privacy1St noted that most of the fraudulent apps are embedded with hidden malware that can receive commands from a server. 

Through this, “the malicious code waits for the app to be approved in the App Store before it goes live,” as per 9to5Mac. 

The researcher noted that this technique allows the developers to modify even the entire app interface remotely. When this happen, what Apple will view is a completely different app than the one that will be sent to users.

All of the apps establish communications with domains using services such as Cloudflare and Godaddy although they were launched by different developer accounts. This is done in order to have their hosting provider hidden. 

However, these apps’ Privacy Policy website redirects users to public webpages made using Google Sites.

Another evidence linking the apps to the same developer is the apps’ code. The apps all use similar password to decrypt a JSON file, which is used to fool the App Store review team. 

Read Also: FCC Commissioner Wants TikTok Removed From App Stores Due to National Security Concerns

Developer Uses Fake Positive Review to Deceive Users

The report noted that one of the fraudulent apps is a “PDF Reader” that was considered as one of the most downloaded apps in the US Mac App Store. 

When users downloaded the app, it tricks them to paying for a subscription plan. But the entire deceptive activity goes far beyond this, users are set to find a suspicious number of positive reviews. This is despite of the negative reviews saying that the apps is not working.

The positive reviews are, in fact, fake. They are made by the developer to make it appear that the app is legitimate. 

Upon the publication of the report, Apple has removed most of the fake reviews. It also appears that the company has removed some of the malicious apps from the Mac App Store.

According to Apple, the App Store was able to stop “nearly $1.5 billion in fraudulent transactions in 2021.” This is all attributed to the App Store review team. 

However, according to 9to5Mac, this is not the first time that researchers have illustrated that the App Store remains vulnerable to scam apps. 

Related Article: Apple Reveals App Store Security Risk: Third-Party Stores Could Lead to Scams, Hacking!

Click Here For The Original Source.


National Cyber Security