Chinese Mac apps found abusing App Store
A group of seven developer accounts was found linked to the same Chinese developer.
An investigation into seven different apps on the Mac App Store, including the number one PDF reader in the U.S., has found that all of them are orchestrated by the same Chinese developer using fake reviews and command-and-control exploits to try and target users.
Research from Privacy1st (Alex Kleber) published this week has revealed that 7 different Apple developer accounts (so far) are all linked to the same Chinese developer and are using abusive practices to make money.
Kleber investigated several apps including the U.S. number one PDF reader in the Education chart on the Mac App Store, PDF Reader for Adobe PDF Files from Sunnet Technology.
The findings
The seven apps were discovered in various sections of the Mac App Store, and found by Kleber to be "abusive" un a number of ways. Kleber says they all use "command-and-control exploits in order to bypass Apple's review team and scrutiny. For example, an app could determine whether it was in Apple's review process, changing its UI so as not to fall foul of any App Store guidelines before unleashing popups asking for money on unsuspecting users. All of these apps were also buoyed by lots of fake reviews on their App Store pages, and downloaded a lot of data not related to the app's functionality. Finally, multiple spammy versions of the same app with slight variations were uploaded "in order to gain as much market-share as possible in some niches."
Having successfully duped Apple, these apps would push users to make purchases using deceptive windows offering purchases of trials or subscriptions with no close or cancel button in sight, leaving the user no option but to click okay and possibly making a purchase.
The fake reviews bought to boost the ratings of these apps seems to have come from the same vendor as fake reviews found by App Store critic Kosta Eleftheriou earlier this year.
Seems legit https://t.co/YvB67HOXTS pic.twitter.com/yMBKfajCVAApril 17, 2022
"The findings from this report show multiple techniques used by this developer to mislead and cheat Apple App Store users abusing the Apple App Store in all possible ways," Kleber concludes in his research.
Master your iPhone in minutes
iMore offers spot-on advice and guidance from our team of experts, with decades of Apple device experience to lean on. Learn more with iMore!
This isn't the first time Apple has come under scrutiny for the poor quality of some of the apps on its App Store on both iPhone and Mac. Security and quality are two of the key arguments made by Apple in maintaining its iron grip on the iOS ecosystem and the transactions that take place on it, but many have cast doubt on Apple's claims of curation and security because apps such as these are allowed to persist. While Apple has taken some steps to alleviate the problem, such as deleting fake reviews, clearly on Mac this remains a persistent issue.
You can read Kleber's full findings here.
Stephen Warwick has written about Apple for five years at iMore and previously elsewhere. He covers all of iMore's latest breaking news regarding all of Apple's products and services, both hardware and software. Stephen has interviewed industry experts in a range of fields including finance, litigation, security, and more. He also specializes in curating and reviewing audio hardware and has experience beyond journalism in sound engineering, production, and design. Before becoming a writer Stephen studied Ancient History at University and also worked at Apple for more than two years. Stephen is also a host on the iMore show, a weekly podcast recorded live that discusses the latest in breaking Apple news, as well as featuring fun trivia about all things Apple. Follow him on Twitter @stephenwarwick9