Apple’s enterprise program continues to face challenges, now deals with pirated apps

Reports by Reuters suggest that hackers are misusing the enterprise developer program by Apple to distribute several popular iOS apps such as Spotify, Minecraft, Angry Birds, and Pokémon Go. In fact, it seems that the hackers managed to modify the blocked in-app advertisements in order to make the paid versions free – depriving both, the original developers and Apple from garnering its revenue.

Upon receiving information regarding the pirated apps, Apple immediately banned these apps. However, news reveals that the apps were up and running under different certificates within a matter of days.

Similar discovery also came in light for pornography and gambling apps just a few days ago, indicating the challenges Apple is facing to control access of its enterprise certificate. The tech giant introduced the enterprise certificate to allow companies to make apps for its employees without going through the Apple App Store.

When contacted by the Reuters’, a spokesperson from Apple condemned these pirated acts and sternly warned the developers who were misusing their enterprise certificates of severe consequences that include termination of their certificates and even removal from the Apple’s Developer Program completely.
Related: Goldman Sachs On Google And Apple's Relationship, 'Apple Prime' Coming Soon
The company also claims to enhance their security process by requiring all developers to add two-factor authentication to their accounts. The prerequisite will be made available by the end of this month.

Just a few days ago, we heard the emergence of numerous porn and gambling apps on the Apple App Store. According to reports, the apps used an enterprise developer certificate that made them eligible for download on a standard un-jailbroken iPhone.

An investigation by TechCrunch reveals that acquiring a certificate to publish apps is an easy task. All it is required by the pirates is to create an account by using information of some publicly available company and paying a one-off payment of $299.

Those who manage to gain access to these developer certificates were often found to be selling access to the same on online marketplaces, resulting in multiple apps being registered to the same enterprise certificate.

The news of Apple’s exploited certificate became transparent when the news of Facebook using it to distribute an app to teenagers that would track their phone usage. Interestingly, Google was also caught in the same misdemeanor, which ultimately led to Apple temporarily holding down the certificates of both – Google and Facebook.

Some pirate developers are abusing Apple’s enterprise program to distribute hacked apps
Photo: Engadget

No comments:

Post a Comment