Apple keeps emphasizing the importance of app review. But a security researcher shows that Apple’s safety net is by no means free of gaps.

A security researcher has discovered several apps in the Mac App Store that are designed to deceive both users and Apple’s App Review team. Apps with names like “PDF Reader”, “Screen Recorder” or “Webcam Expert” push users toward expensive in-app subscriptions and deliver nothing in return. The find documents the methods used by . But it also shows that, despite all of Apple’s efforts, apps that slipped through the safety net appear in its US charts.

According to Alex Kleber, who appears as a security researcher under the name “Privacy1St”, the apps that have now been discovered are all controlled by the same Chinese developer. He created seven different developer accounts under which different apps were submitted, but they all follow the same system. The large number of apps is meant to secure the highest possible market share against other apps. At the same time, Kleber shows that identically worded positive reviews are intended to ensure that visitors to the Mac App Store find the app interesting and download it.

Special views for app

According to Kleber, Apple’s app review is deceived by concealing the app’s true intentions during the review process. Instead of the prompts to subscribe to largely non-existent services, through which the money is collected, Apple’s reviewers see only the underlying app with a modified user interface. After publication in the Mac App Store, the developer controls the user interface using an encrypted JSON file.

Strange data transfers

It is also of concern that the app downloads encrypted data containing certificates and URLs in order to establish VPN connections. The purpose of this remains unclear – at least there is no connection with the actual functions of the app.

For Apple, the discovery comes at an awkward time, when the App Store’s gatekeeper function is being questioned. Apple has always justified the need for the existing system by saying that this was the only way to ensure a high level of security for users. In contrast to the iPhone and iPad, however, the question of allowing sideloading does not arise on the Mac, since Mac apps have always been able to be loaded directly. However, with the introduction of notarization, Apple also raised the hurdles for apps outside of the Mac App Store.

The examples show that the scammers’ methods can sometimes only be understood with considerable effort. On the other hand, since Apple is under pressure from developers’ expectations and wants to approve new apps and updates as quickly as possible, the question arises as to whether Apple can really live up to the high standards it has formulated. In the past few months and years there have repeatedly been discoveries that have raised doubts.

