Each time a new application enters the App Store for macOS, iOS, iPadOS, tvOS and watchOS, an Apple team carefully analyzes the app to check that it is safe and poses no risk to the user. According to a researcher, the “filter” put in place by Apple may not work as well as we think…
Developers manage to bypass the review process
Researcher Privacy1St (Alex Kleber) has just released a report claiming that several Chinese apps available on the Mac App Store managed to fool the Apple team that carries out the pre-publication review for the store.
Seven separate Apple developer accounts, allegedly run by the same Chinese developer, were investigated. According to the research, these applications violate App Store policies in several ways.
The offense found in most of the fraudulent applications detected by Alex Kleber is that they can receive commands from a server. With this technique, developers can modify the entire application interface from a remote computer. As a result, the apps display the expected and promised interface while the App Store teams are validating them, then switch to another, unrelated interface once the application is downloadable from the App Store.
What these scam apps have in common is that they all use services like Cloudflare and GoDaddy to hide their original host.
Of course, Apple can always check an app after it goes live in its store, but today there are thousands, if not millions, of apps available, which benefits dishonest developers: without reports like Alex Kleber's, they blend into the crowd…
Once downloaded by users, these applications can be dangerous for our personal data and can trick us into taking out a paid subscription by promising things that are not true…
How do they not get spotted?
We’re not going to hide it: the App Store teams have a lot of work on a daily basis, so they have to choose which of the published applications get checked. Unsurprisingly, the apps that Apple analyzes first are the ones that receive negative reviews: “The app bugs, the app crashes, the app has dead touch zones, the app overheats my iPhone…” Apps that get a mass of good reviews are less likely to be monitored by Apple.
The Chinese developers who deceive the App Store teams know precisely this, which is why Alex Kleber also noticed another common point: there are very positive reviews in English on all these apps. Of course, this alone might not arouse suspicion, but when other users give only 1 star, claiming that the application does not work for them, there is reason to ask questions…
Following the release of the report, Apple removed the vast majority of the fake app reviews; the Mac App Store also appears to have removed some of the fraudulent programs.