Apple fails to prevent the explosion of fraudulent apps on Mac
While Apple regularly praises the security of its closed system compared to Android, computer security researchers can only note the explosion of fraudulent applications on the iPhone and Mac App Store.
Apple often gives pride of place to the security offered by its closed system. In the eyes of the manufacturer, allowing the installation of applications not from the App Store represented a danger for the safety of users. However, it regularly happens that fraudulent applications or scams pass the examination of the App Review and can be found on the manufacturer’s application store. Lately, we warned you about these fake free apps, which actually require a payment to access their content.
However, computer security researcher and developer Kosta Eleftheriou has just discovered a series of dubious applications available for download on the App Store. Here again, they concern the Mac. Their mode of operation is simple, but effective: once launched, these apps display dozens and dozens of pop-up windows that make it impossible to close the app.
Of course, these windows invite you to subscribe to paid subscriptions to take advantage of premium features, but above all they stand out as the only solution for the user to recover the enjoyment of his device… Edoardo Vachi, another computer security researcher , is at the origin of the discovery of the 1st app of this group. Baptized My Metronome, this app blocks its closing by disabling keyboard shortcuts and the close icon in the menu bar.
Read also: Apple is preparing 9 new Macs with an M2 chip, here are all the models expected from the end of 2022
These apps are ready to block your Mac to trick you into paying
Only possibility to close it, subscribe to a monthly subscription of $9.99. Based on research by Kosta Eleftheriou, the developer of this app has been experimenting for years now different ways to prevent users from closing the paywall. And as said above, it is not the only one to operate in this way.
In fact, the company that developed My Metronome, namely Music Paradise LLC, is linked to another development studio present on the App Store, Groove Vibes. The privacy policies do indicate that both structures are registered at the same address in Russia and mention the same legal entity, Akadem GmbH. Our colleagues from The Verge have therefore decided to take an interest in the group’s other apps, and the finding is clear: all apps signed Music Paradise LCC and Groove Vibes display a pop-up asking for money when opened.
If some, however, allowed to close the paywall with the menu bar or Command + Q, two of them have voluntarily grayed out the standard red button to close, while the keyboard shortcuts remain ineffective. As the American media points out, theApple’s App Review should logically have prevented these apps from appearing on the App Store. Difficult to know why they were authorized for sale by the teams of the apple brand. Unfortunately, this is not the first nor the last time that fraudulent apps manage to slip through the cracks of the Cupertino company.
Source: The Verge