Great, now the Apple App Store has malware too

Great, now the Apple App Store has malware too

Image for article titled Great, Apple App Store Now Has Malware

Photo: Tad’s pictures (Shutterstock)

Apple devices and the App Store are generally considered more secure compared to competitors such as Android or Windows. Apple has more control and curation over the software it allows in the App Store, making malware much less prevalent than on Google Play, for example. However, as the past few weeks have shown, even seemingly legitimate and frequently downloaded apps can secretly be malware – yes, even on Apple platforms.

Latest security research by Alex Kleber discovered seven malware applications hidden in plain sight in the Mac App Store. All seven apps appeared to be created by separate publishers according to App Store listings, but Kleber found that they were actually created by a single group based in China.

The apps in question include:

  • PDF Reader for Adobe PDF files (Sunnet Technology Inc.)
  • Word Writer Pro (Netozo Limited)
  • Screen Recorder (Safeharbor Technology L Ltd.)
  • Webcam Expert (Wildfire Technology Inc.)
  • Streaming Browser Video Player (Boulevard Technology Ltd.)
  • PDF Editor for Adobe Files (Polarnet Limited)
  • PDF Reader (Xu Lu, apparently affiliated with Sunnet Technology Inc.)

Even if Apple deletes these apps from the macOS App Store, they won’t be removed from any device that downloaded them. If you have any of these apps on your Mac, delete them as soon as possible.

All of these apps ranked in the US App Store’s top 100 downloads, with some reaching the top 10, and PDF Reader for Adobe PDF files ranked first in the Education category.

Uploading malware to Apple’s App Store is difficult, but apparently not impossible. The developers behind the seven malware apps submitted “benign” versions of the apps that hid malicious code in their encrypted database. Once the app was certified and available in the App Store, it essentially “morphed” and activated the hidden malware. Many Android malware apps use a similar strategy to bypass Play Store security checks.

Apple removed all seven apps after Kleber’s revelations, but their existence shows how easy it is for malware to appear anywhere, even on seemingly safe platforms like Apple’s App Store.

Actually, MacRumors reported last week to a highly rated third-party Facebook ad management app that stole user data, took over their accounts, and used the account owner’s ad budget to promote ads on the malicious app’s developer software. Apple also removed the unnamed fraudulent app from the iOS App Store, but it apparently racked up over 250,000 downloads before deactivation.

While you are safe from this recently identified App Store malware, let this serve as a warning against downloading unknown apps from any platform. No platform is completely safe, and if fake apps can climb the rankings like this, chances are there’s more malware lurking in the App Store right now.

Malware developers go to great lengths to appear legitimate. Some apps will mimic or outright steal the interface and functionality of other software. They will also normally work as intended while hiding fraud or invasive data theft features. These intrusive features usually—though not always—require high permissions unrelated to the app’s advertised use.

Many hackers even create fake companies, including fake websites and privacy policies (which are requirements to submit an app to Apple). We’ve seen other scam apps use fake privacy policies in the App Store, but they’re easy to spot if you look closely. Many appear on random domains unrelated to the app or its publisher—for example, all seven apps Kleber found used a single GoDaddy domain. Similarly, apps often feature suspiciously high ratings and glowing user reviews, so it’s important to read more than just the top-rated or top-rated user comments.

Still, even if you’re hypervigilant, the best way to keep yourself and your devices safe is to only download well-known apps from trusted publishers.

[Mac Observer]

#Great #Apple #App #Store #malware

Leave a Comment

Your email address will not be published.