Privacy 1st researcher (Alex Kleber) analyzed 7 different Apple developer accounts managed by the same Chinese developer. He points out that the apps violate Mac App Store policies.
The most common violation is the fact that applications contain hidden malware that can receive commands from the management server. This allows apps to pass initial App Store security checks before malware is activated. In some applications, Apple’s review team saw a completely different user interface from what appeared in the final version, as developers could change the user interface remotely.
Learn for free, earn $700 at the start of the career
Other apps use the technique of fake reviews. Developers can buy reviews to make their apps feel more authentic and engaging. It is noted that most of the 5-star reviews are written by non-native English speakers, and the same style is often found in several reviews. One-star reviews are the only ones that seem genuine.
The developer also created multiple copies of the same app in order to gain market share.
Some of these malicious apps have proven to be very popular. The PDF Reader for Adobe PDF Files app was one of the top downloaded/selling apps on the US Mac App Store, despite the fact that it tricked users into making unsolicited subscriptions.
Apple has already removed many of the fake reviews of these apps and has removed some of the apps as well.