Apple's developer certificates are in for yet another issue. A new report from Reuters says the tech giant's developer certificates have been misused to distribute illicit versions of several legitimate apps.
The app distributors involved include TutuApp, Panda Helper, AppValley, and TweakBox, among others. These software pirates have allegedly been offering hacked copies of popular apps and games including Spotify, Angry Birds, Pokemon Go, and Minecraft to iPhone users for an annual subscription fee of $13 or more, stripping both Apple and app developers off their revenue streams.
It's currently not clear how many hacked versions of affected apps are in distribution. The report found that some of the app distributors masqueraded as a subsidiary of China Mobile and leveraged its certificates. These types of certificates are meant to distribute software apps among employees without having to pass through Apple's strict App Store rules.
A few of those illegal distributors have already been terminated over the course of the past week, but some of them were reportedly able to resume operations by using different certificates. Apple told Reuters that it is currently "evaluating the cases of misuse" and will immediately revoke the certificates of offending distributors just as it rescinded Facebook and Google's developer certificates late last month for running voluntary spy apps on the devices of selected users.
The latest report comes shortly after Apple told all members of its developer program to start using two-factor authentication to access their account by February 27. But whether or not that move will help prevent bad actors from abusing the program in the future remains to be seen.
Source: Reuters
2 Comments - Add comment