How Mac users are being scammed


Since the inception of the App Store for mobile devices and the Mac App Store for computers , Apple has said it is the safest way to download apps to devices. At the same time, the owners of iPhones and iPads have no other options to get the right application. In this regard, poppy drives are in a more advantageous position. Apple does not restrict them from where to download software. At the same time, it is much more convenient to download some basic programs like a reader for PDF documents from the Mac App Store .

However, the security of the app store turned out to be imaginary. Recently, a large number of programs have begun to appear that are moderated and inject malicious code onto the computer. Let’s see how this happens and how it can be fraught with users.

Viruses on Mac

The Mac App Store is handy for downloading and updating small apps like Shazam.

Those who have been using Apple devices for years are used to the fact that the company is trying its best to take care of their security. This has become especially noticeable in recent years. Operating systems are getting more and more features that are aimed at protecting the personal data and privacy of users. In this situation, the news that moderation in the Mac App Store can be fooled quite easily looks intimidating.

The new schema looks like this. Hidden malware is added to the application, which can receive commands from some server. Until the application is approved, it does not give itself away in any way. As soon as all the stages of moderation are over and the program gets into the Mac App Store , the code is launched. After that, developers can remotely change any component of the application, up to the interface. Thus, Apple saw and approved one program, and users received a completely different one.

Developer servers are used to promote malware.

To hide the source of this code, all commands go through the Cloudflare servers – the developer of the well-known VPN service and GoDaddy. Thus, where the application receives commands from and where it sends the stolen data is hidden. And most importantly, the privacy policy of such programs refers to public web pages.

But the most interesting thing is not that. One such application is the now-deleted “PDF Reader”. After downloading, it offered users to pay for a special subscription, and after payment it simply didn’t work corny. Naturally, the program received a huge amount of negative feedback.

However, for every bad one, several dozen good ones immediately appeared. And the app received a rating close to five stars. Naturally, all positive reviews are very similar to those bought: written in a neat literary language, with the arrangement of all punctuation marks.

Unfortunately, when downloading, we most often focus only on the rating and rarely read reviews. Therefore, this variant of deception works very well. At the same time, subscribing to the missing functionality is not the worst thing that can happen.

Such programs can download malicious code to users’ devices and steal logins, passwords, bank card details, and other personal data. Apple is looking for such applications, but, unfortunately, it is not possible to identify them all at once.

Malware on iPhone

Maybe the regular App Store isn’t as secure as they say?

In this regard, Cupertino’s position regarding the App Store for mobile devices looks more and more shaky . Security is at the heart of Apple ‘s fight against governments around the world who want the company to have access to third-party app stores on iOS and iPadOS . After such news, there is no longer any unequivocal confidence in the security of branded application stores. And most importantly, it is not clear whether it is possible for the same programs to get into the regular App Store .

Taking into account the fact that there are much more developers who want to place their applications there, as well as applications for the iPhone and iPad, it takes much less time to moderate one such program. Therefore, the probability of missing a malicious application is several times higher.

Apple seems to need to hire programmers to review all software that wants to get into the App Store in order to maintain the trust of users . Moreover, it will be necessary to dissect the program code in order to find a threat to consumers in it.

If Cupertino does not resort to a more in-depth way of checking software, then soon users will no longer trust the Mac App Store at all . And the most convenient option to install the necessary software will be downloading from the developers’ sites. Let’s hope that Apple is adequately aware of the scale of the tragedy and will start doing something.

Otherwise, the word “security” will soon simply cease to be associated with Apple , and huge reputational costs will follow. I would like to believe that none of us will encounter such applications and will not lose any important data. Therefore, before downloading or paying for any subscriptions, be sure to read all reviews, including negative ones. This will help you save your money and nerves.