Dozens of dangerous and damaging iOS apps have remained available to download in Apple’s mobile app repository months after being discovered, a report from cybersecurity researchers at VPN Check has found.
The company notes antivirus firm Avast originally found 133 fraudulent apps in March 2021 and disclosed these findings to Apple. However, more than a year after the initial findings, VPN Check says 84 of those apps are still very much alive and kicking.
The apps include photo and video editors, wallpaper apps, horoscope apps, phone cleaners and fake antivirus apps, and similar products.
Hidden fees and subscriptions
The apps are not necessarily malware, or viruses. They might not try to steal data, damage, or destroy the endpoint they're infecting. But, they do try to incur extra costs for the victims (either via hidden fees, premium subscriptions, or other similar mechanisms), and are relatively hard to eliminate from the devices.
Overall, VPN Check says these apps are scamming users out of at least $100 million every year.
At the same time, the company is laying the blame on Apple, saying that the company refuses to act swiftly and remove the malicious apps from the store. The Cupertino mobile giant, VPN Check argues, still gets its cut from the fraudulent earnings, and stands to lose an entire revenue stream if it moves swiftly.
“It might not be in Apple’s interest to address the issue,” the company states. “With the mobile phone market being saturated, the big bucks are increasingly earned in the App Store. And Scam apps are great clients. They obviously make a lot of money through their scams, of which Apple gets its cut. Plus, the App Developers spend a lot of that money on running Ads on the App Store that Apple also gets to pocket. Not too shabby, as they like to say at Apple.”
That’s quite the incrimination, and we'll see what Apple has to say - TechRadar Pro has contacted the company for comment, and will update if we hear back.
- These are the best ransomware protection services right now
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.