Bogus online app stores have begun to lure unsuspecting users to download fake applications, putting their security at risk. Once solely reliant on Android users, these third party app stores have shifted onto iOS and given countless iPhone users quite the headache. This particular trend isn’t directly targeting any one particular gaming or social community, meaning that all mobile users should be well aware of what they are downloading, and from where.
The reason that these fake online storefronts haven’t tapped into iOS until recently is due to Apple’s Developer Enterprise Program (DEP) – created to assist companies in building and distributing proprietary applications internally to their employees, third party stores use it to create fake store applications. Potential customers come to these online stores, download what they assume is the latest version of Pokemon GO, Facebook, or Twitter, while adware in the store itself is busy sifting through your mobile device and network. While the user continues to interact with the application, hackers get paid because they are able to access the user’s information and send super targeted ads within the application.
It should be noted that Apple polices its online app store and the DEP to a fault – however, the reason hackers were able to finally use iOS is because each company is granted a certificate in exchange for their $299 payment. Since there isn’t a limit, a hacker could easily create multiple fake accounts and make it that much harder for Apple to track which are legitimate – essentially, it is a game of cyber whack-a-mole and Apple is losing.
Here are the takeaways – make sure you are going directly to verified online app stores and be aware of the applications themselves. Repackaged applications are a common problem online, and luckily these only send advertisements to users; the alternatives vary and could be much more threatening. Keeping yourself up-to-date on the latest trends in cyber security and tips on how you can stay vigilant when online is imperative, whether you are at home or in the office. And, most importantly, blind faith in any third party vendors, app stores or otherwise, is putting your vulnerable data at risk if you or your company doesn’t have proper cyber security protocols in place.