Skip to Content

Malicious Tor Browser Persists in iOS App Store for Months Despite Protests

by

Developers working on the Tor anonymity service asked Apple months ago to remove a malicious Tor browser that poses a threat to its users from the App Store (via Ars Technica). After receiving no action through official channels, Tor project members now are using more public means to get this app removed.

tor-browser
A report ticket published three months ago by volunteer Phobos details the issue with rogue app.

"Tor Browser in the Apple App Store is fake. It's full of adware and spyware. Two users have called to complain. We should have it removed."

Tor officials confirmed they filed a complaint with Apple in December 2013 and received a response that the app developer was allowed to defend his app from these accusations.

Several followup emails were sent to Apple, but there was no response from the Cupertino company. Twelve weeks later and the app remains in the App Store, prompting the team to step up their campaign to get the app removed.

"I think naming and shaming is now in order. Apple has been putting users at risk for months now," writes lunar

"I mailed Window Snyder and Jon Callas to see if they can get us past the bureaucracy.

Otherwise I guess plan C is to get high-profile people on Twitter to ask Apple why it likes harming people who care about privacy. (I hope plan B works.)," writes arma.

Apple's App Store is known for being a walled garden where apps are vetted before they are allowed entry into the App Store. The process is not flawless, though, with researchers from Georgia Tech last year showing how an innocuous app with hidden malware-type code could slip through Apple's app approval system.

Once a malicious app is identified in the App Store, Apple has in the past taken steps to remove the app, but the exact process by which an app is removed is not known. In an earlier example, Apple quickly pulled a Russian SMS app that quietly scraped address book contacts and sent them to the developer's server.

Update 8:26 PM: Tor Browser has been removed from the App Store.

Top Rated Comments

S
subsonix
156 months ago
All I see is people wanting this fake Tor app to be removed because the name and logo are the same.

Perhaps it's not so smart to license the logo and trademark under creative commons if you want to control it.
Score: 8 Votes (Like | Disagree)
O
octothorpe8
156 months ago
Maybe they're leaving it up there to poison the name "Tor" so people think it's generally unsafe.
Score: 6 Votes (Like | Disagree)
rageguy Avatar
rageguy
156 months ago
I am unable to find out what is so malicious about this fake Tor app. I don't see evidence of malware. All I see is people wanting this fake Tor app to be removed because the name and logo are the same.

In other words, the original complaint "Tor Browser in the Apple App Store is fake. It's full of adware and spyware. Two users have called to complain. We should have it removed." appears to be false accusations.

Since no evidence has been presented, Apple of course will not remove the app. "Two users have called to complain" is not evidence.
Score: 5 Votes (Like | Disagree)
Parasprite Avatar
Parasprite
156 months ago
Perhaps it's not so smart to license the logo and trademark under creative commons if you want to control it.

IIRC the license requires you attribute their work and not claim or imply that you represent them in any way, making this somewhat of a null point.
Score: 3 Votes (Like | Disagree)
Parasprite Avatar
Parasprite
156 months ago
You don't need to recall, it's easy enough to google.

https://creativecommons.org/licenses/by/3.0/us/

I'm no lawyer, but the terms surrounding it apart from attribution seems pretty loose. On the other hand, allowing people to use your trademark seems like pretty obvious attack vector for a project like Tor, where trust is likely considered important. So why not use a strict license, or not allow sharing of the trademark at all. That way you would know if Tor=Tor so to speak.
Did you read the license or just the summary? Because it seems pretty straight-forward (at least to me) with what is and isn't allowable under the license.

You may not implicitly or explicitly assert or imply any connection with, sponsorship or endorsement by the Original Author, Licensor and/or Attribution Parties, as appropriate, of You or Your use of the Work, without the separate, express prior written permission of the Original Author, Licensor and/or Attribution Parties.
Score: 2 Votes (Like | Disagree)
needfx Avatar
needfx
156 months ago
self immolations should do the trick
Score: 1 Votes (Like | Disagree)
Read All Comments

Popular Stories

Apple Event Logo

Apple Released Seven New Products Today

Wednesday March 11, 2026 7:05 am PDT by
Starting today, the seven new Apple products that were announced last week are available at Apple Stores and beginning to arrive to customers. The colorful MacBook Neo and all of the other new products are on display at most Apple Store locations around the world starting today. Apple Stores have inventory of the new products for both walk-in customers and Apple Store pickup, but...
Read Full Article24 comments
ios 26 4 yellow

Everything New in iOS 26.4 Beta 4

Monday March 9, 2026 3:50 pm PDT by
Apple is continuing to test the iOS 26.4 beta, and the latest update is now available for developers and public beta testers. As testing goes on, there are fewer new features in each beta, but today’s release adds new emoji characters and a few other changes. New Emoji Apple added new emoji characters, including trombone, treasure chest, distorted face, hairy creature, fight cloud, orca,...
Read Full Article71 comments
Apple 50 Years of Thinking Different

Apple Announces 50th Anniversary Plans

Thursday March 12, 2026 6:10 am PDT by
Apple today announced that it will celebrate the company's 50th anniversary over the coming weeks, but it has yet to reveal any specific plans. Apple was founded on April 1, 1976, so the company will turn 50 on April 1, 2026. "While Apple is known for looking forward, this milestone offers a special moment to reflect on the journey that has brought the company here, to celebrate the...
Read Full Article87 comments