Category: Apple|Feb 20, 2019 | Author: Admin

Abusing Developer Certificates to Offer Pirate Versions of Popular iPhone Apps

Share on

Illegal versions of apps derive from developer revenue.

Illegal versions of apps derive from developer revenue.

 

Software pirates have long taken over technology designed by Apple to distribute hacked versions of Spotify, Angry Birds, Pokemon Go, Minecraft, and other popular iPhone apps, Reuters reports.

 

Illegal software vendors, such as TutuApp, Panda Helper, AppValley, and Tweakbox should have found ways to abuse digital certificates to access a program that allows businesses to deploy applications to their employees without going through Apple's extensive App Store approval process.

 

Runs the apps for their revenue
The pirates have adopted so-called enterprise certificates available to developers. The result is that they offer modified versions of popular apps for regular consumers. For example, using a modified Spotify version circumvents the pirate's Apple, and the rights holders are deprived of their revenue.

 

Neither TutuApp, Panda Helper, AppValley, or TweakBox have answered Reuter's inquiries.

 

Hard to detect
Apple is not supposed to have the opportunity to monitor the distribution of such certificates, so the spread is virtually impossible to control. The company, however, stops such certificates if they discover that they are being abused.

 

- Developers who abuse our enterprise certificates violate our Developer Enterprise Program Agreement and will have their certificates terminated. They can also be removed completely from our Developer Program, a spokesperson for Apple told the news agency.

 

Apple also states that they continuously evaluate events where such certificates are being abused.

 

- We are immediately ready to take measures, says the spokesperson.

 

Introduces two-factor authentication
Some of these pirates will now be banned from the system, but in retrospect, they have managed to make the pirate apps work again using new certificates.

 

"There is nothing stopping these companies from doing this again from another developer account," said security manager Amine Hambaba of the software company Shape Security.

 

Apple now promises action to stop this abuse. Towards the end of February, the company will introduce two-factor authentication to overcome the problem. It will require a code to be sent to a phone and a password is required to log into developer accounts.

 

So it remains to see if it is enough to stop the pirates.

Sponsored Ads:

Comments:


Now Tesla can do something completely new

Category: General|Jul 4, 2022 | Author: Admin

"Google pushes users into comprehensive monitoring"

Category: Google|Jul 3, 2022 | Author: Admin

In this country, Apple must comply with the new iPhone law

Category: Apple|Jul 2, 2022 | Author: Admin

Are you tired of iPhone? Now Google makes it easy

Category: Google|Jul 1, 2022 | Author: Admin

The EU extends its 'Roam-like-at-home' mobile service rule through 2032

Category: IT|Jun 30, 2022 | Author: Admin

Apple's important iPhone project may have failed

Category: Apple|Jun 29, 2022 | Author: Admin

Dramatic Netflix message: announces they are losing two million customers

Category: General|Jun 28, 2022 | Author: Admin

This is how mobile cameras get better with a shrunken Samsung sensor

Category: IT|Jun 27, 2022 | Author: Admin

Now the PlayStation 5 screens come with 4K and 144Hz

Category: General|Jun 26, 2022 | Author: Admin

AirPods get better sound quality - much about AirPods Pro 2 revealed

Category: Apple|Jun 25, 2022 | Author: Admin

The day is here: all you have to do is launch your Playstation

Category: General|Jun 24, 2022 | Author: Admin

This card holds the record

Category: IT|Jun 23, 2022 | Author: Admin

Russians refuse to download Windows 11 and 10

Category: Microsoft|Jun 22, 2022 | Author: Admin

Tesla is banned in this city

Category: General|Jun 21, 2022 | Author: Admin

Everyone with Sonos must know the super-tricks this button can

Category: IT|Jun 20, 2022 | Author: Admin
more