'Software Pirates' Stole Apple Tech To Distribute Hacked Mobile Apps To Consumers
Thursday, February 21, 2019
Prior news reports highlighted the abuse of Apple's corporate digital certificates. Now, we learn that this abuse is more widespread than first thought. CNet reported:
"Pirates used Apple's enterprise developer certificates to put out hacked versions of some major apps... The altered versions of Spotify, Angry Birds, Pokemon Go and Minecraft make paid features available for free and remove in-app ads... The pirates appear to have figured out how to use digital certs to get around Apple's carefully policed App Store by saying the apps will be used only by their employees, when they're actually being distributed to everyone."
So, bad actors abuse technology intended for a company's employees to distribute apps directly to consumers. Software pirates, indeed.
To avoid paying for hacked apps, consumers need to shop wisely from trusted sites. A fix is underway. According to CNet:
"Apple will reportedly take steps to fight back by requiring all app makers to use its two-factor authentication protocol from the end of February, so logging into an Apple ID will require a password and code sent to a trusted Apple device."
Let's hope that fix is sufficient.
Comments