Despite Apple’s rigorous App Review process, a new crop of scam apps for macOS have been discovered on the company’s App Store (opens in new tab).
As reported by The Verge (opens in new tab), principal software engineer at Red Hat, Edoardo Vacci discovered the first in the latest batch of scam apps. The app in question, My Metronome, locks up and won’t allow users to quit using either the menu bar or keyboard shortcuts (it can be Force Quit though) until they agree to pay a $9.99 per month subscription.
Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022 (opens in new tab). Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey (opens in new tab) to get the bookazine, worth $10.99/£10.99.
According to FlickType founder and scam app hunter Kosta Eleftheriou who spoke with The Verge, the developer behind My Metronome seems to have “experimented with various techniques over the years of preventing people from closing the paywall”.
Following a tweet (opens in new tab) from Eleftheriou, My Metronome was removed from the App Store but its developer, Music Paradise, LLC is also connected to another app development company called Groove Vibes that has created similar scam apps. In fact, according to the privacy policies of both companies, they’re registered at the same address and both mention Akadem GmbH.
Pay to quit apps
To see for themselves, The Verge decided to test Music Paradise’s Music Paradise Player app along with all of the Mac apps made by Groove Vibes.
According to the news outlet, all of the apps it tested immediately displayed a pop-up that asked users to sign up for a subscription. While three apps from Groove Vibes allowed users to quit using the menu bar or by pressing Command+Q, two of the company’s apps along with the Music Paradise Player app greyed out the quit option in the menu bar and prevented users from clicking the red button at the corner to close the app. Keyboard shortcuts were also of no use.
> Apple App Store isn't as scam-free as you might think (opens in new tab)
> Apple now lets users report App Store scams (opens in new tab)
> Avast overhauls flagship antivirus service to shield against online scams (opens in new tab)
Unlike ransomware (opens in new tab), the apps in question don’t lock users out of their files but instead prevent users from easily closing them so that they fall for the scam and sign up for a monthly subscription instead.
Surprisingly, all of these scam apps (opens in new tab) appeared to slip through the cracks during Apple’s App Review process which should have prevented them from being published in the first place. While scams like these do reappear from time to time, at least Apple added a “Report a Problem (opens in new tab)” button to the App Store so at least users can warn the company about scam apps.
- Regain control over your devices with the best malware removal software (opens in new tab)
Via The Verge (opens in new tab)