Two Apple features are now being used by scammers to bypass the official App Store's security functions (vetting requirements).
Because of these, online attackers are able to exploit iOS malware, tricking people into downloading infected Apple applications.
For the past few years, the official Apple App Store required applications to pass a security review before they are published on the app platform.
The iPhone maker's app store has the so-called vetting system that prevents malicious apps from getting installed on iPhones and iPads.
Two Apple Features Used by Scammers on App Store
According to Ars Technica's latest report, the British security firm Sophos discovered that two features of Apple are now used by cybercriminals.
Also Read : UK Anti-Scam Program Joined by Facebook, WhatsApp! Here's How These Apps Can Help 'Stop Scams UK' Movement
"Previously, we found CryptoRom's deceptive applications for iOS devices exploiting Apple's 'Super Signature' application distribution scheme and abuse of Apple's enterprise application deployment scheme," said the cybersecurity firm via its official blog post.
Now, Sophos claimed that CryptoRom is now using Apple's TestFlight feature as well. Aside from this iOS function, security experts also believe that the WebClips feature is also being used by the hacking group to bypass the vetting system of the official App Store.
What is TestFlight, WebClips Features?
TestFlight is a platform used by the iPhone maker to allow app developers to conduct beta tests for their new applications. All iOS users can use this online tool to install apps that have not yet passed Apple's vetting system.
Meanwhile, the WebClips feature can turn website links into an app icon. CryptoRom scammers rely on this feature since it allows them to add clout to malicious links, disguising them as legitimate applications.
If you want to see more details about these two Apple features, you can visit this link.
In other news, the U.S. government is now warning against PrintNightMare exploitation. Meanwhile, Germany suggests that companies must replace their Kaspersky antivirus tool with other non-Russian software models.
For more news updates about other security threats, always keep your tabs open here at TechTimes.
Related Article : Microsoft Defender Alert Mistakens Office Update as Ransomware
This article is owned by TechTimes
Written by: Griffin Davis