CryptoRom Scam Rakes in $1.4M by Exploiting Apple Enterprise Features
2021-10-14 15:17

Pyramid-scheme cryptocurrency scammers are exploiting Apple's Enterprise Developer Program to get bogus trading apps onto their marks' iPhones.

According to Sophos' analysis, the scammers are using a loophole in Apple's Enterprise Developer Program, specifically the Apple Enterprise/Corporate Signature feature, which allows enterprise mobile device management programs to control corporate-owned iOS devices.

"Apple's Enterprise Signature program can be used to distribute apps without Apple App Store reviews, using an Enterprise Signature profile and a certificate," researchers explained.

"Apps signed with Enterprise certificates should be distributed within the organization for employees or application testers, and should not be used for distributing apps to consumers [so] apps do not have to be submitted to the Apple App Store for review."

Apple has cracked down on the use of Enterprise certificates for distributing apps to consumers, Sophos noted, but the scammers appear to be moving towards more targeted scams that may be harder for Apple to pick up.

"In order to mitigate the risk of these scams targeting less sophisticated users of iOS devices, Apple should warn users installing apps through ad hoc distribution or through enterprise provisioning systems that those applications have not been reviewed by Apple," researchers noted.


News URL

https://threatpost.com/cryptorom-scammers-apple-enterprise-features/175474/

Related vendor

LAST 12M

VENDOR | #/PRODUCTS | LOW | MEDIUM | HIGH | CRITICAL | TOTAL VULNS
Apple | 72 | 238 | 1567 | 2279 | 265 | 4349