Fraudsters use Apple’s Testflight service to distribute malware on iPhone devices / Digital Information World

TestFlight is a beta testing tool created by Apple for application developers. Developers can invite more than 10,000 people to download or distribute links through public direct download links to get consumers to download and test their apps. They are not reviewed by the App Store as they are in pre-release testing, which makes it easier for scammers to deliver harmful malware through fake apps.

According to Sophos, a cybercrime scheme known as “CryptoRom” has been used to target Apple and Android devices with fake cryptocurrency apps. Last year, CryptoRom malware was used to steal $1.4 million from Apple customers as part of the fraud. Social media apps, dating apps, and cryptocurrency were then used by fraudsters to target users. A variant of Apple’s TestFlight service, which allows users to test a beta version of the software before it is released to the App Store, is now being misused in the advancement of the scam. Installing Android apps from third-party app store through different platforms is possible. There are stricter policies at Apple, and that’s where the virus invasion comes from.

Fraudsters spread harmful program under the idea of ​​beta version, and iOS users who installed TestFlight are free to download it. The installation procedure for TestFlight is simple, and the app developer can even create a public link to download rather than sending individual invitations to each user via email.

Researchers have found that the scammers also promote harmful web apps, which are websites that can be displayed on the home screen of an Apple device and then used as apps to bypass Apple’s approval process. the App Store. Apple warns that users can avoid fraud by not installing or downloading any programs from unverified sources, even if the application is made available through the use of the TestFlight service, according to the company. phishing scams, Apple publishes recommendations on its website to protect against such fraud.

They should also pay attention to how the mail is worded and if it seems unusual, it should be deleted immediately.

Read next: What is the world’s largest market for smartphones?

Source link