Apple Tech Used to Put Hacked Apps on iPhones
Hackers used technology designed by Apple to distribute the hacked version of Spotify, Angry Birds, Pokemon Go, Minecraft and other popular apps and games in Apple App Store.
How are the hacked version of app store apps getting to iPhones without any consideration
It is almost impossible to get into the App Store of Apple. But Apple themselves introduced a programme for the corporations to distribute business apps to their employees without going through Apple’s App Store security. Illicit software distributors like TutuApp, Panda Helper, AppValley and Tweakbox have found ways to use certificates to access Apple’s previously mentioned programme and ultimately to the app store.
Using enterprise developer certificates, these pirate operations are providing modified versions of popular apps to consumers. These hacked apps are enabling users to stream music without ads and to circumvent fees and rules in games, depriving Apple and legitimate app makers of revenue.
There was no way for Apple to track the real-time distribution of the corporation certificate. They also can’t track the distribution of improperly modified apps. But Apple can cancel the certificates if it finds misuse.
After Reuters initially contacted Apple for comment last week, Apple banned some of the pirates from the system. But within days they were using different certificates and were operational again. This proved that it is very difficult to stop these companies. Because if Apple cancels the certificate of one corporation but they will use another certificate to redistribute the hacked apps.
Apple confirmed a media report on Wednesday that it would require two-factor authentication to log into all developer accounts. Two-factor authentication uses your normal password and a code sent to the developers’ phone. By the end of this month, this could help prevent certificate misuse.
Major app makers Spotify Technology SA, Rovio Entertainment Oyj and Niantic Inc have begun to fight back.