Software pirates are distributing hacked versions of Apple's most popular apps

Pirates make light work of Apple security

Pirates make light work of Apple security

Apple originally introduced its enterprise certificates to let companies make business apps for employees, without going through the App Store.

The software distributors named and shamed by Reuters include TutuApp, Panda Helper, AppValley, and TweakBox. In other cases, they offer versions of free apps minus the ads.

While Google is working hard and purportedly making great progress in fighting malicious Android apps, Apple faces increasing public scrutiny and wide criticism from security experts for catastrophic iOS bugs, zero-day vulnerabilities, and weak protection against a newly discovered breach of its Developer Enterprise Program rules.

Apple stated that those who get certificates and are trying to trick the company will have their certificates terminated and will be removed from the Developer Program completely. It's become a cat-and-mouse game, with Reuters noting that as fast as the pirates' certificates were banned, they popped up again within days using different certificates - either ones that were newly acquired through an underground black market for developer certificates, or "sleeper" certificates that the pirate distributors have been sitting on without using.

Mauro ICARDI loses Inter captaincy as Samir HANDANOVIC named new captain
It has been a tough, painful decision which he probably has not taken well, made with the team's well-being in mind. They visit Rapid Vienna in Europa League action on Thursday before hosting Samp in league play on Sunday.

To make matters worse, the company has no way of tracking how its enterprise certificates are being handed out or how many of its phones are using improperly modified apps but it does have the ability to cancel the certificates after finding they've been misused.

According to new reports from The Washington Post and TechCrunch, Apple and Google still host dozens of illegal and abusive apps in their app stores, despite efforts to clean up their act. Security researchers have long warned about the misuse of enterprise developer certificates, which act as digital keys that tell an iPhone a piece of software downloaded from the Internet can be trusted and opened. Apple's Developer Enterprise program has proven to be a flawless opportunity for this, allowing apps to be installed on any iPhone, iPad, or iPod touch.

Apple says that two-factor authentication for developer accounts should be live by the end of the month, so we'll see soon enough if it helps stop the distribution of hacked apps like Spotify and Minecraft. Reuters reported that "The distributors of pirated apps. are using certificates obtained in the name of legitimate businesses, although it is unclear how". Several pirates have impersonated a subsidiary of China Mobile.

Recommended News

We are pleased to provide this opportunity to share information, experiences and observations about what's in the news.
Some of the comments may be reprinted elsewhere in the site or in the newspaper.
Thank you for taking the time to offer your thoughts.