starbuck Posted January 8, 2016 Posted January 8, 2016 (edited) Unofficial apps stores that target users of non-jailbroken iOS devices have expanded their presence from the Chinese market and are now targeting users from multiple countries. The reason why third-party hosted app stores exist is because Apple and Google strictly moderate, check, and approve every app they list on their stores. Users who want to download and install applications that are clones of popular paid apps, are piracy-related, or show adult material, usually have to go to the app maker's website or unofficial app stores. Third-party app stores abusing certificates to fake their real origin While installing non-signed apps in Android is as easy as pressing a button, in iOS, if the device wasn't jailbroken (rooted), this process takes users through different steps. This process is also called app side-loading and was tolerated by Apple because some companies that deal with sensitive information needed a way to install apps from outside the original App Store. The way Apple allows this is by specially issued certificates used to sign the side-loaded apps, and verify their source. vShare abusing certificates to install rogue apps In the past, there have existed multiple unofficial iOS app stores that have used these certificates to power their business. They acquire the certificates from the underground black market, they steal certificates from legitimate businesses or register with Apple as a fake company themselves. vShare expands to a broader audience According to Proofpoint researchers, an unofficial app store called vShare, that originally operated only in China, has opened its doors to worldwide users, serving up to 15,000 iOS apps and over 400,000 Android apps. Proofpoint claims that the website often changes certificates used to validate the apps it installs on its customer's devices to avoid being taken down by Apple. Despite Apple making the process of side-loading apps much harder in iOS 9, not all users follow its advice and download potentially malicious applications. The cyber-security vendor urges users not to download apps from this store and other similar ones. iOS app stores targeting users with non-jailbroken devices Many iOS users mistakenly think that if their device is not jailbroken, they are safe from dangerous applications. Users should know that the only thing that distinguishes Apple from these other stores is its app review process. The danger for iOS users is inside an application's code, not the fact that the device has or has not been jailbroken. The iOS operating system comes with powerful APIs that allow applications access to powerful functions that control the OS's behavior. It's only because of Apple's review process that these APIs are only used by trusted apps. Apps coming from unofficial app stores could contain malicious code that could exploit these iOS API functions and in tandem with security vulnerabilities, infect the device with malware that has wide-reaching capabilities. Even if users are using non-jailbroken devices, they should not side-load applications with a false sense of security, that Apple will protect them. The Chinese Internet is like a walled garden and some Chinese websites often get away with things that western companies could never do. We'll now see if vShare's expansion has put the site on Apple's radar, and if Apple will manage to blacklist all its certificates faster than vShare can get new ones. pps available via vShare Source: http://news.softpedia.com/news/rogue-ios-app-stores-expand-from-the-chinese-market-to-the-whole-world-498632.shtml Edited January 8, 2016 by starbuck Quote
FPCH Admin AWS Posted January 8, 2016 FPCH Admin Posted January 8, 2016 I only download through iTunes. I made the mistake of getting a bad app from an external source infected with something that hijacked my AppleID. I had to jump through all kinds of hoops to get the ID back. Lesson learned for sure. Quote Off Topic Forum - Unlike the Rest
Recommended Posts