At the end of last month, Apple had to ban Google and Facebook from its services after the two companies were caught abusing its enterprise developer certificates to dispense data-gathering applications. It seems as though a number of dodgy distributors are also wise to the method, as hacked applications have been hitting iOS aplenty.
Software distributors TutuApp, Panda Helper, AppValley and TweakBox have been found pushing illicit versions of Spotify, Angry Birds, Pokemon Go, Minecraft and other popular apps on iPhones, according to Reuters. For a yearly VIP subscription per application, users have been able to wrongfully gain access to features that would otherwise cost, such as removing advertisements or circumvent fees on certain microtransactions.
“Developers that abuse our enterprise certificates are in violation of the Apple Developer Enterprise Program Agreement and will have their certificates terminated, and if appropriate, they will be removed from our Developer Program completely,” Apple told the publication. “We are continuously evaluating the cases of misuse and are prepared to take immediate action.”
Unfortunately, every time Apple has banned the culprits, they have re-emerged almost immediately under different names. Instead, the company is now beginning to enforce two-factor authentication on developer accounts, hoping to alleviate the situation. Spotify, Angry Birds developer Rovio Entertainment and Pokémon GO’s Niantic are also fighting back, adding clauses into their terms and working with partners to crack down on infringement.
All of the illicit companies have unsurprisingly failed to publicly respond to requests for comment, therefore keeping the revenue made from the exploit under wraps. It is similarly uncertain how much money legitimate companies have lost out on because of the scheme.
KitGuru Says: Although the deal might seem awfully tempting, it’s worth noting that these so-called ‘companies’ won’t be around for much longer and would therefore be a waste of money to invest in. Besides, depriving the original companies of revenue is a sure-fire way to see the service discontinued.