Apple’s TestFlight was used to distribute malicious iOS apps

Companies have increasingly created tools that help users on a daily basis. The test flight of Applefor example, is a tool created to help developers distribute their beta apps to users before they are released on the App Store for everyone. However, scammers use TestFlight to distribute malicious applications without Apple’s knowledge.

TestFlight used to distribute malicious applications

As reported by security firm Sophos, an organized crime campaign known as “CryptoRom” is distributing fake cryptocurrency apps to iOS and Android users..

Although it’s easier to install apps outside of Google Play on Android because of the sideloading process, iOS users can theoretically only download and install apps from the App Store. Unfortunately, the crooks realized that they could use an official Apple platform, in this case TestFlight, to create and distribute the same malicious apps to iPhone and iPad users.

With TestFlight, developers can invite up to 10,000 testers to install their beta apps, which bypass the App Store review processbecause the platform is intended to test pre-release software.


Distribution of malicious agents via TestFlight

Apple has no idea that scammers are distributing a malicious app as a beta app, and any iOS user with TestFlight installed can download the app.. The process of installing an app through TestFlight is quite simple as the developer can even create a public download link instead of prompting each user with their email.

Jagadeesh Chandraiah, a malware analyst at security firm Sophos, said some of the victims who contacted the company reported being told to install what appeared to be BTCBOX, an app for a cryptocurrency exchange. Japanese currency. “We also found fake websites posing as cryptocurrency mining company BitFury selling fake apps through TestFlight. We continue to research other CryptoRom apps using the same approach, Chandraiah says.

The report also reveals that scammers also promote malicious web apps, which are websites that can be added to the home screen of an iOS device to run as apps, in order to Bypass the App Store review process.

how to protect yourself

As the change in how TestFlight works would affect developers, Apple stresses that users can avoid fraud by not downloading and installing any software from unknown sources, even if it is distributed by TestFlight.

Via: 9to5Mac

Add Comment