Tuesday, 12 January 2016 14:03

IPhoney’s app store – apps from the dark side Featured

By

A phoney iPhone app store is offering more than 1 million apps including the top ten iPhone apps for free.

Proofpoint Targeted Attack Protection (TAP) Mobile Defence discovered apps on iOS devices that did not match apps in the Apple App Store. MDM assessments showed that these devices were not jailbroken.

The app marketplace is called vShare.com and has existed for several years serving apps for use on Android devices and on jailbroken iOS devices.  vShare has now found a way to enable its store for non-jailbroken iOS devices. The vShare marketplace is accessible to iOS devices anywhere in the world, representing a global expansion of this attack technique.

The ability to download iOS apps to non-jailbroken iOS devices from what Proofpoint has called a ‘DarkSideLoader’ places consumers and corporate employers at risk.  These apps can make use of private iOS APIs to access operating system functions that would not be permitted by apps vetted by Apple’s app store. These apps can also use known or zero-day security vulnerabilities that could lead to devices being jailbroken or granting administrator privileges to these illegitimate apps.

Sideloading is the process of downloading and installing apps onto a mobile device from a source that is not an official consumer app store or a valid enterprise app store.  On Android devices this can be done by enabling the settings to download apps from unknown sources in the general device settings. On iOS devices installing unapproved apps was previously only possible by jailbreaking an iPhone or iPad.  However, DarkSideLoader allows apps to be installed through the use of a fraudulent or stolen enterprise app distribution certificate coupled with app re-signing.

Proofpoint researchers have studied both Android and iOS apps from the vShare marketplace.  In Android it found attempts to root devices, install apps without user permission, and communicate to known malicious sites on the Internet. 

In iOS is found it was possible to download apps that acted as Remote Access Trojans, allowing attackers access to mobile devices of employees when they are active on internal corporate networks.

Why not just use the official app store and avoid this risk?

Consumers and children use rogue app marketplace in order to download games, wallpaper and other media without paying for them.  They can also access apps that give them access to streamed movies and other content, and productivity apps without payment. 

vShare makes money from the advertisements it shows – not the apps it gives away.

It offers free downloads of popular, paid apps as an attractive lure to draw people to a DarkSideLoader marketplace and entice them to click. The top-ten paid apps on the Apple App Store are all available for free on the vShare marketplace, including well-known titles such as Minecraft and Geometry Dash. Other popular paid iOS apps offered as free downloads by this market include games such as Grand Theft Auto: San Andreas and Clash of Clans, as well as business productivity apps from publishers including Adobe and Microsoft and apps for pirating movies such as MovieBox. 

There are also apps available that are not available on the legitimate Apple app store, such as for pirating content and downloading BitTorrent files.

The site claims over 40M users, and Proofpoint investigations indicate that approximately 25 percent of the users are on iOS devices.

The danger

Apps from outside the official app store can be tampered with.

Popular paid apps available for free on the vShare marketplace

Top 10 paid apps on Apple App Store are all available for free on vShare rogue app store (as of Dec 22, 2015):

App Name

Publisher

Minecraft: Pocket Edition

Mojang

Heads Up!

Warner Bros

Cut the Rope: Magic  

ZeptoLab UK Limited

NBA 2K16      

2K

Geometry Dash         

RobTop Games AB

Mineraft: Story Mode           

Telltale Inc

Scribblenauts Unlimited       

Warner Bros

Toca Blocks   

Toca Boca AB

Lucky Block for Minecraft

JK2Designs LLC

Terraria

505 Games

Other notable popular paid apps that are also on vShare for free:

App Name

Publisher

Clash of Clans

Supercell

Spotify Music 

Spotify

Candy Crush Saga     

King.com Limited

Madden NFL Mobile 

Electronic Arts

Grand Theft Auto: San Andrea

Rockstar Games

Plague Inc

Ndemic Creations

Facetune  

Lightricks Ltd

 

Top paid business apps available for free:

App Name 

Publisher

Docs To Go Premium

DataViz, Inc

Scanner Pro

Readdle

Splashtop 2 remote desktop

Splashtop Inc.

PDF Office      

Readdle

Printer Pro

Readdle

 

WEBINAR event: IT Alerting Best Practices 27 MAY 2PM AEST

LogicMonitor, the cloud-based IT infrastructure monitoring and intelligence platform, is hosting an online event at 2PM on May 27th aimed at educating IT administrators, managers and leaders about IT and network alerts.

This free webinar will share best practices for setting network alerts, negating alert fatigue, optimising an alerting strategy and proactive monitoring.

The event will start at 2pm AEST. Topics will include:

- Setting alert routing and thresholds

- Avoiding alert and email overload

- Learning from missed alerts

- Managing downtime effectively

The webinar will run for approximately one hour. Recordings will be made available to anyone who registers but cannot make the live event.

REGISTER HERE!

LAYER 1 ENCRYPTION A KEY TO CYBER-SECURITY SOLUTION

Security requirements such as confidentiality, integrity and authentication have become mandatory in most industries.

Data encryption methods previously used only by military and intelligence services have become common practice in all data transfer networks across all platforms, in all industries where information is sensitive and vital (financial and government institutions, critical infrastructure, data centres, and service providers).

Get the full details on Layer-1 encryption solutions straight from PacketLight’s optical networks experts.

This white paper titled, “When 1% of the Light Equals 100% of the Information” is a must read for anyone within the fiber optics, cybersecurity or related industry sectors.

To access click Download here.

DOWNLOAD!

Ray Shaw

joomla stats

Ray Shaw ray@im.com.au  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!

VENDOR NEWS & WEBINARS

REVIEWS

Recent Comments