Remove these Apple App Store apps that contain malware

Apple’s devices and App Store are generally considered more secure than their competitors such as Android and Windows. Apple has more control and curation of what software it allows on its App Store, so malware is much less common than, say, Google Play. However, as the last few weeks have shown, even reputable and frequently downloaded apps can covertly be malware. Even on Apple platforms.

Most recently, Alex Kleber of security research Found 7 malware apps It’s hidden in plain sight in the Mac App Store. According to the App Store listing, all seven apps appear to be made by separate publishers, but Kleber discovered they were actually made by one of his groups based in China. did.

The app in question is:

• PDF reader for Adobe PDF files (Sunnet Technology Inc.)
• Word Writer Pro (Natozo only)

• Screen recorder (Safeharbor Technology L Ltd.)
• Webcam Expert (Wildfire Technology Inc.)
• Streaming Browser Video Player (Boulevard Technology Ltd.)
• PDF Editor for Adobe Files (Polarnet Limited)
• PDF Reader (Xu Lu, apparently related to Sunnet Technology Inc.)

Apple has removed these apps from the macOS App Store, but they will not be removed from devices that downloaded them. If you have these apps on your Mac, remove them as soon as possible.

All of these apps are in the top 100 most downloaded apps in the US App Store rankings, some of them are in the top 10, and PDF Reader for Adobe PDF files is #1 in the Education category. was ranked in

Uploading malware to Apple’s App Store is difficult, but clearly not impossible. The developers behind seven malware apps submitted “harmless” versions of the apps that hid the dangerous code in an encrypted database. Once the app passed authentication and became available on the App Store, it was essentially “morphed” and activated the hidden malware. Many Android malware apps use similar strategies to bypass Play Store security checks.

Apple removed all seven apps following Kleber’s disclosure, but their presence indicates that malware can easily appear anywhere, even on seemingly secure platforms like Apple’s App Store. I’m here.

actually, MacRumors reported last week A top third-party Facebook ad management app that was stealing user data, hijacking accounts, and using account owners’ advertising budgets to promote ads for malicious app developers’ software. Apple also removed an unnamed scam app from the iOS App Store, but it appears to have been downloaded over 250,000 times before being disabled.

You are safe from this recently-spotted App Store malware, but let it act as a warning against downloading unknown apps from any platform. If a fake app is able to climb the rankings like this, there may be other malware lurking in the App Store today.

Malicious app developers go to great lengths to appear legitimate. Some apps mimic or outright steal other software’s interfaces and functionality. It usually works as intended while hiding fraud and invasive data-stealing capabilities. These intrusive features usually (but not always) require advanced permissions that are unrelated to the app’s advertised use.

Many hackers even create fake companies, including fake websites and privacy policies (requirements for submitting apps to Apple). I’ve seen other scam apps use fake privacy policies on the App Store, and it’s easy to spot if you look closely. Many appear on random domains unrelated to the app or its publisher. For example, all seven of his apps that Kleber found used her single GoDaddy domain. Similarly, apps often feature dubiously high ratings and glowing user reviews, so it’s important to read more than just top-rated and top-listed user comments.

Still, even if you’re super vigilant, the best way to keep you and your device safe is to only download well-known apps from trusted publishers.

[Mac Observer]