Apple’s App Store is the most tightly controlled app distribution platform in the world but software pirates have hijacked technology to distribute hacked versions of Spotify, Angry Birds, Pokemon Go, Minecraft and other apps on iPhones. The illicit software developers are reportedly using Apple’s own technology to engage in distribution of counterfeit applications. The illicit software distributors such as TutuApp, Panda Helper, AppValley and TweakBox have reportedly found a way to use Apple introduced program to distribute hacked versions of popular apps.
According to Reuters, these illicit software distributors are tapping into the so-called enterprise developer certificates to distribute modified versions of popular apps. Apple introduced the program to let corporations distribute business apps to their employees without having to go through App Store’s confirmation process. The modified apps distributed through this mechanism enables consumers to stream music without ads and lets them circumvent fees and games usually applicable with games.
The process deprives Apple and app makers of the revenue they make from legitimate applications. These pirate app distributors are also violating the rules of Apple’s developer programs, which only allows distribution of app to the general consumers through its App Store. The report also notes that Apple does not have a way to track the real-time distribution of these certificates. It also cannot track the spread of modified apps on iPhone but it does have the power to cancel the certificates if found to be misused by developers or illicit software distributors.
Reuters notes that Apple has banned some of the pirates from the system after it contacted the company for comment last week. However, these pirates have been found to use different certificates and have become operational once again. “Developers that abuse our enterprise certificates are in violation of the Apple Developer Enterprise Program Agreement and will have their certificates terminated, and if appropriate, they will be removed from our Developer Program completely,” an Apple spokesperson told Reuters.
Watch: Apple iPhone XS, iPhone XS Max Hands On
Apple has also confirmed that it would require a two-factor authentication using code sent to a phone as well as a password to log into all developer accounts by the end of this month. The move could help prevent misuse of enterprise certificate by software pirates. App developers such as Spotify are fighting back and in its new terms of service, the Swedish music streaming service said it would crack down on users who use ad-blockers to block ads on the application.
TutuApp reportedly offers a free version of Minecraft, which costs $6.99 in Apple’s App Store. AppValley, on the other hand, offers an ad-free version of Spotify’s free music streaming application. These distributors reportedly make money by charging $13 or more per year for subscriptions to so-called “VIP” versions of their services, which they claim to be more stable than the free versions. The report comes after Apple banned Facebook and Google from using enterprise certificates after they were found distributing apps that gather user data.