Apple App Store is apparently still littered with malicious apps app security

Apple’s App Store may be playing host to a number of scam apps that are raking in millions for criminals across the world, a developer has claimed.

Kosta Eleftheriou says that a host of malicious apps are present on the App Store, and has accused Apple of failing to act and protect its users.

Many of the scam apps follow the same formula, Eleftheriou says, with fake reviews and ratings helping boost their status on the App Store and lure in more vicitims.

App Store scam apps

Eleftheriou, a developer who has created several hit services for Apple devices, has highlighted a number of suspect apps over the past few weeks on his Twitter account.

One of the most prevalent suspects is an app called KeyWatch, which Eleftheriou says is a blatant copy of his own FlickType Apple Watch keyboard typing tool. He noted that KeyWatch initially launched as a shell app, with no actual functionality, but once his own service began growing in popularity, the scammers advertised their own service using video of his original app masquerading as their work.

However when downloading the fake app, users were confronted with a blank interface except for an “Unlock now” button, which when clicked directed to an Apple purchase page, where users were told they could download the full service for $8 a week. This app was boosted with fake app ratings and reviews, which can be bought from fellow criminals in bulk and used to promote KeyWatch, which according to Eleftheriou was making around $2 million a year.

“It’s surprising more people don’t know about this. The extent to which this has been going on and is currently going on is absolutely mind-blowing,” Eleftheriou told The Verge. “In particular now with the App Store, which is my main concern, the problem has grown to such an extent that having the rating and review system is making it worse. It gives consumers a false sense of security and a false idea that the app is great as you’re entering it through a glowing App Store page with raving reviews.”

Following Eleftheriou’s initial findings, Apple removed KeyWatch and several other scam apps, but has yet to take action against other services from the same developer, a company called ReadIQ. 

Eleftheriou has since highlighted several other scam apps on the App Store, under the thread, “How to spot a $5M/year scam on the @AppStore in 5 minutes flat”. Several other top app develpers and companies have chimed in with their experiences of similar ripoffs, and called on Apple to take more action.

“I’m not gonna stop. Whenever I see a scam, I’m going to call them out,” Eleftheriou went on to tell The Verge. “I just can’t wait for some actual proper change from Apple to make me feel like I should concentrate on what I should be concentrating on, which is app development.”

Via The Verge

Source