Is Your Mac Safe? Researcher Finds Malware Chinese Apps On Mac App Store

Chinese apps using unfair practices
Image: Apple

Mac is always touted as the “more safe” operating system. But time and again, researchers find deceptive apps on the store whose sole purpose is to build a business by deceit. They also extract a lot of undue data about their users in the process.

Alex Kleber, a security researcher discovered some fraudulent Chinese apps which were indulging in unfair practices on the App Store.

What did Alex Kleber find about Chinese apps?

Kleber tried checking the most popular apps in certain categories and found out that a single developer was distributing multiple copycat products on the store. All these apps had ties to the same developer and were using Cloudflare to hide their hosting provider.

Alex found out that these Chinese apps altered their user interface by issuing remote commands. He explained that the app users would see a different UI that was designed to force them to make a purchase. Moreover, the close button was missing from the app and pop-up window, leaving the user with the sole choice of making a purchase.

Chinese apps
Image: WordPress library

The developer also resorted to unfair means to rank in the app store. They used fake reviews on all their apps to help present a positive user experience. App ratings and reviews are crucial metrics before downloading an app or making a purchase. By posting fake reviews, the developer was misleading users to try his app.

What is more bizarre is that these apps appear in the top list for specific categories. Apple recommends these apps to users who have no idea what it actually is. Moreover, the developer released the same app with minor tweaks to cover as much ground as possible and leave no good alternatives for the users.

Alex also found out that the apps were collecting user data that was irrelevant to the application’s use case. By doing this, they were abusing their right to collect personal data while keeping the users in the dark. The names of these apps exposed by Alex are as follows:

  • PDF Reader for Adobe PDF Files
  • Word Writer Pro
  • Screen Recorder
  • Webcam Expert
  • Streaming Browser Video Player
  • PDF Editor for Adobe Files
  • PDF Reader

You can read his full report published on Medium here. He shared that Apple removed all 7 developers’ accounts mentioned in his article.

Similar Posts