Since October, Apple has been hunting down fake apps on the App Store that hide illegal streaming services. As soon as the American company deletes one, a new one appears.
Micros Habits, Flower Butler, TodoHabit, Univer Note and now Enhance Tips… Since the beginning of October, a new category of applications has flourished on the App Store. These are illegal streaming services that masquerade as regular apps, with the aim of bypassing the App Store’s validation system.
As soon as Apple is alerted to the presence of an illegal application, it is removed. Problem: an alternative quickly fills the void left, with another identity (and therefore a new developer account), in order to fall through the cracks again. Apple seems caught in a game of cat and mouse, with no effective way to completely block these apps.
On the App Store in France, illegal streaming applications are a hit
Tuesday, November 12, on the French App Store, the fifth most downloaded application on iPhone was called “Enhance Tips”. According to the screenshots, this is an application designed to give motivational advice, using text generated by artificial intelligence. Its interface is, let’s face it, mediocre, but the software has been approved by Apple’s teams.
In reality, Enhance Tips is fake software. When you open the application in France, you come across an illegal streaming service, with films, series and the possibility of downloading content locally.
The application, which is a web-app (it loads content from the web), has the same interface as other illegal software unplugged by Apple, such as Micros Habits, Flower Butler, TodoHabit, Univer Note and Airline Butler. Its developer is probably the same, even if it changes its name every time.
How can an illegal streaming site trap Apple’s validation teams, which we know are very demanding? There are two possibilities:
The first, which is highlighted by American media like The Vergeassumes that the streaming application is only functional in Europe. In the United States, where the App Store teams are based, it could be a classic-looking utility.
This theory is plausible, but it should be noted that we cannot display the traditional interface with a VPN, while the application does not have access to the real location. This is therefore potentially a false lead, since there is no reason not to be able to uncover the mechanism.
The second, that of the application activated by distance. When the developer sends his application to Apple, he undoubtedly presents it as the real utility. Once online, it activates a feature flag on a server which, when opening the application, prompts it to load data from the illegal streaming service. Apple doesn’t see anything, but the user who downloads the app once it’s released has access to everything.
The developer of the illegal streaming service has an unstoppable technique to come back
Apple regularly deletes famous applications. The brand also terminates the developer’s contract and prevents downloading of its streaming service. However, each time, the application reappears in a new form.
The developer, who calls himself “The R” according to an investigation by Liberationrely on word of mouth. When one app replaces another, it notifies users of the old app with a notification. These people tweet or share the new link to their loved ones, which pushes the new app up. When Apple detects it and removes it, it switches to other software. This mechanism has been happening constantly for a month, without Apple seeming capable of completely blocking the developer.
Can Apple stop these practices? If he succeeds in identifying how these illegal applications work, he can. The “R” software probably all connects to the same server when it is first opened, to determine its behavior. If Apple succeeds in capturing this connection attempt, it could identify the developer’s future apps… until it changes the address of its servers.
In short, this game of cat and mouse is likely to continue for a long time. It is also possible that the illegal streaming service is provided by a third party, since the developer indicates to Libération that it is not the one who chooses to place the advertisements. There is probably a dark web beneath this matter.
Source: www.numerama.com
