According to recent news reports, scammers are now using Apple’s TestFlight tool, which was created to let developers distribute beta versions of their apps to users before they are released to everyone on the App Store. The scammers have been using the platform to distribute malicious apps to vulnerable iPhone users without Apple’s knowledge.
Scammers Are Using Apple’s Authorized TestFlight Tool to Distribute Malicious Apps
According to reports, an organized crime campaign known as “CryptoRom” has been distributing fake cryptocurrency apps to iOS and Android users. On Android, sideloading makes it easier to install apps from outside Google Play, while iOS users can, in theory, only download and install apps from the App Store. Unfortunately, the scammers have discovered that they can use an authorized Apple platform (in this case, Apple’s TestFlight tool) to develop and distribute the same malicious apps to iPhone and iPad users.
Furthermore, with Apple’s TestFlight tool, developers can invite up to 10,000 testers to install their beta apps, which don’t pass through the App Store review procedure since the platform is intended for testing pre-release software. As a result, the company has no idea that the scammers are circulating a malicious app as a beta app, and any iOS user with TestFlight installed can download the app. Installing an app via TestFlight is relatively easy, as the developer can even create a public download link instead of inviting each user by email.
Fake Sites Are Posing as Cryptocurrency Mining Firms on Apple’s Platform
“Some of the victims who contacted us reported that they had been instructed to install what appeared to be BTCBOX, an app for a Japanese cryptocurrency exchange,” Jagadeesh Chandraiah, a malware analyst at security firm Sophos, wrote. “We also found fake sites that posed as the cryptocurrency mining firm BitFury peddling fake apps through Apple’s TestFlight tool. We continue to look for other CryptoRom apps using the same approach.”