Scammers have 2 clever new ways to install malicious apps on iOS devices

 In App Store, apple, Biz & IT, iOS, malware, testflight, webclips

Scammers have 2 clever new ways to install malicious apps on iOS devices

Serving the Technologist for more than a decade. IT news, reviews, and analysis.
Stylized image of a man looking at a tablet computer.

Enlarge (credit: Getty Images)

Scammers pushing iOS malware are stepping up their game by abusing two legitimate Apple features to bypass App Store vetting requirements and trick people into installing malicious apps.

Apple has long required that apps pass a security review and be admitted to the App Store before they can be installed on iPhones and iPads. The vetting prevents malicious apps from making their way onto the devices, where they can then steal cryptocurrency and passwords or carry out other nefarious activities.

A post published Wednesday by security firm Sophos sheds light on two newer methods being used in an organized crime campaign dubbed CryptoRom, which pushes fake cryptocurrency apps to unsuspecting iOS and Android users. While Android permits “sideloading” apps from third-party markets, Apple requires iOS apps to come from the App Store, after they’ve undergone a thorough security review.

Read 9 remaining paragraphs | Comments

Getting past the App Store gatekeeper has always been tough. Here are two new ways.

Recent Posts
Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Not readable? Change text. captcha txt