In recent years, we’ve seen a huge increase in the popularity of 3rd party app stores offering pirated or ‘hacked’ versions of popular games and apps usually found on Apple’s official App Store.
Most of the apps on these marketplaces are apps that would otherwise cost money – either that or extra features have been added which are not included in the base app.
The biggest problem with these marketplaces, aside from the fact that they often contain illegal content, is that (as with all piracy) there is a risk of infecting a device with hidden malicious software created by a hacker.
The risk is due to the fact that most of these 3rd party app stores require the apps and games downloaded to be ‘sideloaded’ onto your device.
‘Sideloading’ allows developers to distribute apps that bypass Apple’s rigorous checking process normally required for apps to be available on the official App Store.
What is ‘sideloading’?
In basic terms, sideloading is a way to install an app from a 3rd-party source onto an iPhone or iPad.
Sideloading is a process where an app downloaded from a source other than the official App Store is installed onto the device. iOS will not allow the user to open the app until they have manually approved the app, letting iOS know that they trust the application. Except in most cases, these apps are made by Chinese developers and almost all users will have no idea even who they are, nevermind if they can be trusted.
Once approved, this app then has access to iOS and acts as any other app would. The app will continue to function on the device until the certificate used to sign it is revoked by Apple, which can happen quite regularly if Apple suspects that the certificate has been misused. However, it’s not uncommon for these apps to simply reappear at a later date under a new account.
What are the risks?
As sideloaded apps are installed directly to iOS devices and not via the official App Store, they do not go through the same rigorous checks as other apps. It’s therefore easy to see how a rogue developer could include malicious code within the app.
Even if the apps and marketplaces claim they are currently not infected with malware, there is no saying that they couldn’t be in the very near future.
The risks are the same as any other security threat to iOS, or any other operating system. The greatest threat is spyware, which can track a range of activities performed on a device and steal all of a user’s private data, including (but not limited to):
- Contact information.
- Browser history.
- Usernames and passwords.
- Emails, texts and messenger chat history.
- Bank account information & online banking details.
- Image, video & audio files stored on your device or on cloud storage apps.
- Track device GPS in real-time.
- Listen live via microphone and watch via cameras.
On top of the above risks, using unauthorized versions of apps can lead to your respective accounts being suspended by the company (i.e. SnapChat or Instagram).
That’s why we recommend never using these 3rd party apps and only downloading apps from the official Apple App Store.
How do I remove 3rd-party apps?
To remove these apps from your device, just follow these steps:
- Go to the Settings app.
- Tap General
- Scroll down and tap on ‘Profile & Device management’. If you don’t see this option in the menu then that means you don’t have any 3rd party apps installed on your device.
- Tap the profile for the app you want to delete. The profile name may not be the same as the 3rd party app and would represent the developer that distributed the app.
- Tap ‘Delete App’.
If you are concerned about the security of your iOS device, then here at Certo, we offer industry-leading software that can help you scan your device and check for signs of hacking and malicious software. Just click here to find out more about Certo AntiSpy.