Apple's Enterprise Developer Program Also Being Used to Distribute Hacked Apps

Misuse of Apple's enterprise developer program certificates continues to make news, with a new report from Reuters outlining how software pirates have been using the program to distribute hacked versions of popular apps like Minecraft, Pokemon Go, Spotify, Angry Birds, and more.

apple developer enterprise

Using so-called enterprise developer certificates, these pirate operations are providing modified versions of popular apps to consumers, enabling them to stream music without ads and to circumvent fees and rules in games, depriving Apple and legitimate app makers of revenue.

The software pirates in turn make money by charging some users annual subscription fees for "VIP" versions of their hacked apps that are "more stable than the free versions."

After being alerted by Reuters to these developer accounts being used to distribute hacked apps, Apple removed a number of them, but more have since sprung up to take their place.

Revelations regarding abuse of Apple's enterprise developer program surfaced late last month, led by word that Facebook and Google were using the program to distribute market research apps to users that were capable of tracking all of their online activity in exchange for rewards.

Apple briefly revoked enterprise certificates for both companies, which had the side effect of temporarily disabling Facebook's and Google's internal apps including custom testing versions of their own public apps as well as private internal apps for corporate use such as transportation and food.

And just yesterday, additional abuse of Apple's enterprise program came to light in the form of apps featuring adult content and gambling that can not be distributed through the traditional App Store due to Apple's rules prohibiting or limiting those types of content.

Apple today announced that as of February 27, all developer accounts will require two-factor authentication to be turned on, a move that will help secure these accounts and limit their ability to be traded or sold amongst those seeking to skirt Apple's rules.

Top Rated Comments

Junipr Avatar
38 months ago
Popular apps like...Angry Birds
What year is this, 2010??
Score: 15 Votes (Like | Disagree)
racerhomie Avatar
38 months ago
In other words, Apple wants to close loopholes to bypass Apple App Store and services to guarantee their 30% cut even for legit apps like Kodi. This is equivalent to if Google was to reverse their current policy by removing legit apps like Kodi from Google Play Store then disabling side loading of apps.
Apple never allowed this sort of abuse. It was done nonetheless. Go use android , if you want to install your favorite malware.
Score: 15 Votes (Like | Disagree)
Pepe4life Avatar
38 months ago
People have been sideloading apps through this method for years. Apple is well aware of this. The fact that they are doing a massive crackdown now is probably because their revenue is increasingly dependant on the "services" category.

Perhaps Tim can quit exerting so much control over what I want on my phone. Why can't I have torrent clients? Why can't I set custom DNS?
Score: 9 Votes (Like | Disagree)
cmaier Avatar
38 months ago
In other words, Apple wants to close loopholes to bypass Apple App Store and services to guarantee their 30% cut even for legit apps like Kodi. This is equivalent to if Google was to reverse their current policy by removing legit apps like Kodi from Google Play Store then disabling side loading of apps.
THis isn’t a loophole. It’s people violating the developer agreement they entered into.
Score: 8 Votes (Like | Disagree)
noraa Avatar
38 months ago
If I recall correctly, there have been numerous instances in the past were developers were caught violating the enterprise certificates TOS - and said developers certificates were summarily revoked. My guess is that these stories are now making headlines specifically because of the recent FB and Google fiasco; and thus suddenly people are digging more into how the enterprise certificates work.

To those who think Apple is cracking down more because they only want people to go the App Store, or because they want more revenue from services, etc. you obviously haven't been paying too much attention to Apple since, well, forever. Apple has NEVER allowed public Apps outside the App Store, such a concept was probably never even a glimmer in Jobs or Cooks eye. You can argue all you want about Apple to taking too big a cut (30% is arguably too much), or the pitfalls of Apple's walled garden, or your frustrations with it, etc. The bottom line is Apple has always revoked enterprise certificates when they've been misused, and Apple will ALWAYS require developers to release their apps on the App Store.

The fact that we're hearing more about this is, like I said above, probably because of the FB and Google fiasco. In addition, other developers may be abusing the enterprise certificates more because jailbreaking is no longer a viable option - so if you want to provide an App that does things against the App Store TOS, the only way to do so without a jailbreak is by abusing the enterprise certificate.

Finally, I have a pretty strong feeling Apple will be making some sweeping changes to the certificate program to prevent these types of abuses moving forward.
[doublepost=1550121551][/doublepost]
So apple is depending on honest devs to keep iOS users safe. Lol.
Really? That's your takeaway from this?

Apple doesn't allow public Apps outside of the App Store - the App Store is the first, best, line of defense against malicious apps and malware. Apple provides the developer program and enterprise certificate specifically for companies to create app for internal use only - whether for testing purposes or for intra-organization purposes were distributing via the App Store would be cumbersome. Apple can't stop Devs from violating the TOS before they actually violate them...but they can respond immediately once a violation comes to light.

Quite honestly, Apple can only protect it's user so much - if a user chooses to install an enterprise certificate and get an App that way, that's on the user, not Apple.
Score: 8 Votes (Like | Disagree)
Pepe4life Avatar
38 months ago
Not surprising news about these enterprise certificates. Not the first time that I recall that they have made news for going against some TOS.
[doublepost=1550119903][/doublepost]
So Apple cracking down is because of loss of revenue rather than adhering to a TOS. Interesting spin on that.
Apple has been revoking these certificates on a continuous basis throughout these years, it wasn't until recently that they issued massive ban waves. Perhaps you should read my full comment before embarrassing yourself. And yes, I am allowed to speculate.
Score: 7 Votes (Like | Disagree)

Popular Stories

maxresdefault

Review: M1 Max MacBook Pro After Three Months

Wednesday January 19, 2022 11:30 am PST by
It's now been a few months since the M1 Pro and M1 Max MacBook Pro models launched in October, and MacRumors video editor Dan Barbera has been using one of the new machines since they debuted. Over on the MacRumors YouTube channel, Dan has shared a three month review of his MacBook Pro to see how it has held up over time and how it's changed his workflow. Subscribe to the MacRumors YouTube ...
airpodsinear 1

AirPods Save Woman's Life With Feature Everyone Should Know

Friday January 21, 2022 2:13 am PST by
Apple's AirPods have been credited with saving a woman's life after a potentially fatal fall, People reports. When a 60-year-old florist in New Jersey tripped and hit her head in her studio, she lost consciousness and awoke heavily bleeding. With nobody around to call for help, she realized she had her AirPods in, and used a "Hey Siri" command to call 911. An operator was able to stay on the ...
iphone se 2020 top

New iPhone SE Likely to Launch in April Based on Production Timeframe

Wednesday January 19, 2022 6:44 am PST by
Apple suppliers will begin producing display panels for the third-generation iPhone SE this month, with final assembly of the device likely to start in March, according to information shared by display industry consultant Ross Young. Based on this production timeframe, Young believes the third-generation iPhone SE is likely to launch in the second half of April, or perhaps in early May at...
iphone 13 earpods

Apple to Stop Including EarPods With Every iPhone Sold in France From Next Week

Friday January 21, 2022 3:21 am PST by
Apple will no longer include EarPods with every iPhone sold in France, starting on January 24, according to a notice posted by a French carrier (via iGeneration). Apple was previously required to include EarPods in the box with the iPhone due to a French law that required every smartphone sold in the country to come with a "handsfree kit," but the law has now been changed in favor of reducing the ...
Spring 2022 Apple Products Feature

New iPad Air, Macs, and iPhone SE With 5G Likely to Be Announced at Apple Event This Spring

Thursday January 20, 2022 8:32 am PST by
Earlier this week, Bloomberg's Mark Gurman tweeted that Apple "will be holding a spring event" to announce a new iPhone SE and other hardware. In a recent edition of his newsletter, Gurman said the event is likely to occur in March or April. Gurman did not elaborate on what "other hardware" will be announced at Apple's purported spring event, but rumors suggest at least four products are...
appleeducation

Apple's US Education Store Now Requires Institution Verification to Buy Discounted Products

Wednesday January 19, 2022 2:22 am PST by
Apple is now requiring that customers in the United States verify that they're active students, teachers, or staff members at an educational institution in order to access education discounts on products. Previously, little verification was needed for customers to purchase products through Apple's education store in the United States. Apple's education stores offer models of the iPad and Mac ...
AirPods 3 New Firmware Feature

Apple Updates AirPods 3 Firmware to Version 4C170

Tuesday January 18, 2022 11:46 am PST by
Apple today released a new 4C170 firmware update for the AirPods 3, an update from the prior 4C165 that was made available in December. Apple does not offer details on what's included in new firmware updates for the AirPods‌, so we don't know what improvements or bug fixes the new firmware brings. There is no standard way to upgrade the ‌AirPods‌‌ software, but firmware is...
appleprivacyad cleaned

iOS 15 Patched Security Hole That Potentially Exposed Users' Private Apple ID Information to Third-Party Apps

Thursday January 20, 2022 3:32 am PST by
Apple patched two significant security vulnerabilities when it released iOS 15 that could have potentially exposed users' private Apple ID information and in-app search history to malicious third-party apps and allowed apps to override user Privacy preferences, Apple has revealed in a recent support document update. With most iOS, macOS, tvOS, and watchOS updates, Apple provides a list of...
apple watch series 7 aluminum colors yellowbg

Apple Watch Charging Bug Fixed in watchOS 8.4 Release Candidate

Thursday January 20, 2022 4:01 pm PST by
The watchOS 8.4 release candidate that was seeded to developers and beta testers this morning addresses an ongoing bug that could cause some Apple Watch chargers not to work properly with the Apple Watch. Back in December, we reported on a growing number of charging issues that Apple Watch Series 7 owners were facing. Since watchOS 8.3, there have been a number of complaints about...