Wednesday, 17 August 2016 17:02

Multiple fake apps found in Apple App Store Featured

By

By the time you read this, Apple would have removed at least 10 fake bitcoin wallets from its App Store. But that is the tip of the iceberg as a tsunami of fake apps expose huge flaws in its review process.

Breadwallet LLC, a bitcoin wallet, posted on Reddit.com that multiple fake bitcoin wallets were in the Apple Apps store stealing users funds or worse. The fake apps had portions of legitimate source code, icons, and graphics from legitimate apps that were on Google Play – all to fool users into thinking they were using official wallets.

It identified the following (links disabled) and Apple promptly checked and removed the offenders – but there may be more.

  • GreenAddress Bitcoin Wallet https://itunes.apple.com/us/app/greenaddress-bitcoin-wallet/id1139753685?mt=8
  • Simple Bitcoin Wallet https://itunes.apple.com/us/app/simple-bitcoin-wallet/id1138700421?mt=8
  • Simple Bitcoin Wallet https://itunes.apple.com/us/app/simple-bitcoin-wallet/id1140433170?mt=8
  • GreenBits Bitcoin Wallet https://itunes.apple.com/us/app/greenbits-bitcoin-wallet/id1138675915?mt=8
  • Bitcoin Wallet https://itunes.apple.com/us/app/bitcoin-wallet/id1137555856?mt=8
  • Bitcoin Armory Wallet  Bitcoin offline wallet https://itunes.apple.com/us/app/bitcoin-armory-wallet-bitcoin/id1139569125?mt=8
  • Blockchain Offline Bitcoin Wallet https://itunes.apple.com/us/app/blockchain-offline-bitcoin/id1140411956?mt=8
  • BitcoinCore Bitcoin Wallet https://itunes.apple.com/us/app/bitcoincore-bitcoin-wallet/id1140170409?mt=8

The Reddit comments were full of incredulous people decrying the trust they had placed in Apple’s App store. “I thought they had a decent vetting process,” said one. To which another responded, “Had is the past tense.”

The App store is supposed to be 100% safe. Its vetting process has come under criticism, as you can drive a truck through everything from the way it reduces competition to its apps to security vetting.

One writer said (paraphrased to remove duplication):

In the early day’s apps were rejected for duplicating Apple’s existing functionality – nothing in the store could directly compete e.g. Google Maps fiasco where Apple had removed the default Maps in favour of Apple Maps.

It claims, and we believe that it catches security-related issues, but it falls far short. Without a full code review, Apple cannot address more than the obvious security concerns. Fake apps are a big issue, and it missed these by a mile.

“For a long time, it seemed as though Apple’s tight controls over its ecosystem were a fairly impenetrable measure against nefarious applications, malware, and junk,” John Casaretto, founder of BlackCert, a SSL security certificate company, told SiliconANGLE.

“Clearly, that is not the case anymore and in an instant, the Application Development Signing Certificates, the Apple Developer Program, and the application review process are all negated by a handful of malicious apps that have made their way through. It goes to show that assumptions can get people in trouble, especially when a financial target such as Bitcoin is involved. The best practice is to stick to the source and official apps to stay on the safe side.”

Remember that Apple is the sole arbiter of what goes on the app store. Nothing hits the store without its approval. The buck has to stop there.

DIGITAL MARKETING HAS NO SOCIAL DISTANCING OR TRAVEL RESTRICTIONS

As part of our Lead Machine Methodology we will help you get more leads, more customers and more business. Let us help you develop your digital marketing campaign

Digital Marketing is ideal in these tough times and it can replace face to face marketing with person to person marketing via the phone conference calls and webinars

Significant opportunity pipelines can be developed and continually topped up with the help of Digital Marketing so that deals can be made and deals can be closed

- Newsletter adverts in dynamic GIF slideshow formats

- News site adverts from small to large sizes also as dynamic GIF slideshow formats

- Guest Editorial - get your message out there and put your CEO in the spotlight

- Promotional News and Content - displayed on the homepage and all pages

- Leverage our proven event promotion methodology - The Lead Machine gets you leads

Contact Andrew our digital campaign designer on 0412 390 000 or via email andrew.matler@itwire.com

CONTACT US!

LAYER 1 ENCRIPTION A KEY TO CYBER-SECURITY SOLUTION

Security requirements such as confidentiality, integrity and authentication have become mandatory in most industries.

Data encryption methods previously used only by military and intelligence services have become common practice in all data transfer networks across all platforms, in all industries where information is sensitive and vital (financial and government institutions, critical infrastructure, data centres, and service providers).

Get the full details on Layer-1 encryption solutions straight from PacketLight’s optical networks experts.

This white paper titled, “When 1% of the Light Equals 100% of the Information” is a must read for anyone within the fiber optics, cybersecurity or related industry sectors.

To access click Download here.

DOWNLOAD!

Ray Shaw

joomla stats

Ray Shaw ray@im.com.au  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!

VENDOR NEWS & EVENTS

REVIEWS

Recent Comments