Apple Developer Program Co-opted to Install Pirated iPhone Apps

Florence Fletcher
February 15, 2019

Apple has confirmed that the company plans to implement a two-factor authentication method, requiring all app developers to provide a code sent to a phone and a password.

Developers of "pirate" apps have distributed hacked versions of popular iPhone apps such as Spotify, Minecraft, and Pokémon GO, according to a Reuters report.

However, the recent revelations also highlight a clear failure on the part of Apple to police its Developer Enterprise program.

Of course, like Facebook, Google, and the plethora of porn and gambling apps, these pirate distributors are in an egregious violation of Apple's Developer Enterprise program, although in this case it seems that their transgressions go far beyond a simple contractual violation, into the realm of blatant software piracy and theft of intellectual property.

Pirates reportedly managed to get altered versions of popular apps onto the App Store.

Reuters reports that distributors including TutuApp, Panda Helper, TweakBox, and App Valley are abusing these certificates to deal out hacked installs of apps like Spotify, Pokemon GO, and Minecraft.

Trump to sign border bill, declare emergency -McConnell
For President Trump's impending national emergency, Ferguson says his legal team "has been reviewing this issue for some time". Senate majority leader Mitch McConnell announced Mr Trump's plan on Thursdsay before voting on a compromise bill.

Joe Flacco still not long-term solution Broncos need at QB
The trade can not become official until March 13, so by league rules, the Broncos can not publicly talk about the move until then. Without needing to use a first-round pick on a quarterback, the Broncos will likely address one of their other positions of need.

‘Apex Legends’ Is Replacing ‘Fortnite’ as the King of Battle Royale Games
Since its launch last Monday, over 25 million players have played the game. Apex Legends is now available for free on PC, PS4, and Xbox One .

The pirates generate revenue by offering a cheap yearly "VIP" subscription, which claims to offer more stable versions of all its pirated iPhone apps.

Apple's enterprise developer program is meant to be used as a way for companies to distribute internal apps to its employees.

Enterprise developer certificates are being used to allow consumers to stream music without ads and to circumvent fees and rules in games, which deprives Apple and third-party software companies of potential revenue. However, it can cancel certificates if it finds that they are being misused.

The report notes that the issue begins with Apple's lax requirements for accepting companies into its enterprise program, which is exclusively meant for corporations to permit staff to aspect-load apps for inside use.

The distributors of pirated apps seen by Reuters are using certificates obtained in the name of legitimate businesses, although it is unclear how. Apple's efforts to make jailbreaking more hard and less worthwhile has likely resulted in that aspect of the privacy market drying up, forcing these companies to look for other ways to get their apps onto users' devices. Apple plans to release the security update by the end of the month.

Other reports by

Discuss This Article