Chinese Apps Found in Mac App Store Violating Store Rules and Containing Malware

Chinese Apps Found in Mac App Store Violating Store Policies and Containing Malware

Privacy 1st researcher (Alex Kleber) analyzed 7 different Apple developer accounts managed by the same Chinese developer. He points out that the apps violate Mac App Store policies.

Help

"Buy me a fighter." Fundraising for the Air Force of the Armed Forces of Ukraine

The most common violation is the fact that applications contain hidden malware that can receive commands from the management server. This allows apps to pass initial App Store security checks before malware is activated. In some applications, Apple’s review team saw a completely different user interface from what appeared in the final version, as developers could change the user interface remotely.

Chinese Apps Found in Mac App Store Violating Store Policies and Containing Malware

Apps interact with popular services like Cloudflare and GoDaddy to hide their hosting provider. It has also been found that their privacy policy uses free Google sites. What’s more, they all use the same password to decrypt the JSON file that was used to trick Apple’s review team. This confirms that the applications are created by the same developer.

Well

QA evening

Learn for free, earn $700 at the start of the career

REGISTER!

QA evening

Other apps use the technique of fake reviews. Developers can buy reviews to make their apps feel more authentic and engaging. It is noted that most of the 5-star reviews are written by non-native English speakers, and the same style is often found in several reviews. One-star reviews are the only ones that seem genuine.

Chinese Apps Found in Mac App Store Violating Store Policies and Containing Malware

The developer also created multiple copies of the same app in order to gain market share.

Some of these malicious apps have proven to be very popular. The PDF Reader for Adobe PDF Files app was one of the top downloaded/selling apps on the US Mac App Store, despite the fact that it tricked users into making unsolicited subscriptions.

Apple has already removed many of the fake reviews of these apps and has removed some of the apps as well.

Source: techspot

Related Posts

Leave a Reply

Your email address will not be published.