Even though Apple’s systems are considered some of the most secure on the market, there are still situations where malware can end up reaching them. And that is exactly what has been discovered recently, where malicious users find themselves using the TestFlight system and WebClips to infect devices like the iPhone and iPad.
Apple has always been very tight-lipped about accepting third-party apps on its systems, saying it would open the door to exploiting security holes and make the system less secure – even if such a measure is enforced. . to virtually all other operating system devices on the market, such as Android.
This is why any application, before being accepted on the App Store, must go through a long period of approval. However, according to a recent survey by the security company Sophosit seems that criminals have found a new way to bypass Apple’s protections and deliver malware directly to victims’ devices.
A new malware campaign dubbed “CryptoRom” sends fake cryptocurrency apps to company devices using the TestFlight system. This system is used by Apple developers to create test systems for their apps – similar to beta apps – where users can access the latest news within an app.
However, this system also allows users to access applications that have not yet been validated by the company for distribution by the App Store. And this is exactly where the pattern begins.
Attackers take advantage of this system to send their bogus apps to users, and while the TestFlight system still needs to be validated by Apple, the rules are considerably more frivolous. It is precisely this point that is exploited, allowing attackers to trick their victims into installing an application on the system, pretending to be something “official”.
Once installed on systems, malicious apps steal as much information from them as possible, including login data, cryptocurrency wallets, and other data that might be important to attackers.
Another way attackers have circumvented Apple’s security is through the use of WebClips, which allow you to create small web apps on the home screen of devices – which are essentially websites developed directly for devices. mobiles, but which work as a regular application on the system. . Criminals can take advantage of this feature to create fake websites similar to recognized platforms in the market for the sole purpose of stealing data.