Apple TestFlight used to spread malware on iPhones

Written by admin

Compared to Android’s App Store, Apple’s App Store is still placed at a much higher level, with extremely advanced security measures in place to protect its users.

However, new information revealed by security firm Sophos points to an organized crime campaign dubbed CryptoRom. This campaign takes advantage of vulnerabilities in Apple’s testing platform – TestFlight – to distribute fake cryptocurrency apps.

The Apple TestFlight platform is designed for app developers to make their beta apps available to users. The platform allows inviting up to 10,000 users for each application, allowing the installation of the application even if it is not present in the App Store.

Since the apps are still in the pre-launch phase, they have not yet reached the stage where they must successfully pass the App Store’s review process, thus allowing malware to spread through the testing group.

Sophos Apple Malware Iphones
Credit: Sophos

Apple TestFlight makes any iPhone user vulnerable to malware

Essentially, this new policy means that any user subscribed to TestFlight could be infected with malware on their iPhone. Obviously, when the most basic safety rules are followed when participating in application testing, the likelihood of infection is very low.

As stated by Apple itself, under no circumstances should users install apps from unknown sources, open links sent via email, and accept questionable permissions in apps.

The Sophos report also highlights that many hackers are turning to web applications to spread their malware. These apps are basically simplified versions of websites that can easily inject malware into smartphones. These web apps can also evade App Store security tools.

Follow all technology updates on TecheNet through the Google News. All the news in real time and without delay!

Other interesting articles:

About the author


Leave a Comment