Chinese App Creates Another App Store Inside Apple's iOS App Store

Chinese devs hide app store inside an educational iOS app

The Chinese developers of an app called 开心日常英语 (Happy Daily English) have found a way to go around Apple's review process, embed a fully functional iOS app store inside their application, and have it hosted on the official iOS App Store itself.

The developers of this app, a Chinese company named XY Helper, have done this by creating a fully working iOS app that exhibits two different behaviors based on the user's geographical location.

For non-Chinese users, the app would be a simple educational app that taught Chinese users English, but for Chinese users, the app would transform itself into an app store that allowed them to install rogue, pirated or cracked apps using various tricks, without requiring users to go through the side-loading process.

Double-faced behavior fools Apple's reviewers

The app got approved and added to Apple's website when the iOS App Store reviewers accessed the app from somewhere outside China and didn't notice anything strange, seeing its educational interface.

But as Palo Alto security researchers are explaining, this app followed all the legal procedures not to give itself away, and then installed third-party apps on user phones without triggering any alarms.

Its bag of tricks includes the re-implementation of a tiny Windows Apple iTunes client. This allowed users to download and even purchase apps from third-party stores using a realistic Apple interface.

The store-in-store app (codenamed ZergHelper by security researchers) also recorded some of Apple's Xcode IDE functions, so ZergHelper would automatically generate app development certificates, right from Apple's server. These certificates would then be used on a per-client basis to sign the rogue applications it would be installing.

For some users, the app captured their Apple IDs

The app also asked users to re-type their Apple IDs in order to generate these certificates in their names. For some users, ZergHelper reused Apple IDs so that it wouldn't attract too much attention.

On top of this, ZergHelper was coded in Lua, a programming language that allowed the developers to dynamically update the app, but without going through Apple's app review process. This technique allowed the developers to change the app's behavior without the risk of being discovered during subsequent updates, something akin to the JSPatch library.

The malicious store-in-store app existed on the official App Store from October 30, 2015, to February 19, 2016. Palo Alto says it noticed ZergHelper distributing over 50 rogue apps.
