When it comes to malicious apps, most people intuitively assume that Android users are the ones more likely to download them, whether from Google Play or by sideloading (which Android phones allow), while iOS users are protected by Apple’s App Store review mechanism and cannot sideload apps, and are therefore harder for malicious programs to reach.
Unfortunately, malicious actors have now discovered that they can use Apple’s TestFlight tool to send malware to unsuspecting users, and that distributing through TestFlight also lets them bypass Apple’s app review mechanism.
What is TestFlight? TestFlight is Apple’s tool for helping developers distribute beta software. Developers can use TestFlight to send apps to 10,000 iPhone and iPad users, and beta software does not need to be reviewed by the App Store. It can simply be sent out, and Apple has no idea that hackers are using this method to spread malware.
However, not all iOS users need to worry about being hit. Test applications delivered through TestFlight can only be received if the TestFlight app has been downloaded first; only then can hackers use TestFlight to deliver malicious applications.
If you have downloaded TestFlight on your iPhone or iPad, though, you should be careful before agreeing to test a new app. Downloading a beta app through TestFlight is very simple, and the developer even provides a public download link that lets you download the app. No phishing email is required.
The malicious activity was discovered by security firm Sophos: a criminal group named CryptoRom has been sending fake cryptocurrency apps to iOS and Android users. The fake iOS app Sophos discovered this time impersonates the Japanese cryptocurrency exchange BTCBOX; others pose as the cryptocurrency mining company BitFury and send fake apps through TestFlight.
TestFlight makes it easy to send beta applications and does give hackers room to operate, but Apple will not rashly change the TestFlight workflow, because doing so would affect the work of real developers. Apple can only tell users not to download and install applications from unknown sources, to avoid being scammed.