A rogue app store, dubbed “DarkSideLoader," accessible from anywhere in the world, allows users to download iOS apps to non-jailbroken iOS devices, researchers at Proofpoint revealed in a security report.
Previously, rogue app stores created for non-jailbroken devices only appeared to be accessible from devices connecting to them with Chinese IP addresses. The researchers warned that DarkSideLoader represents a global expansion of an attack technique that could put users at risk of someone gaining unauthorized access to a device's operating systems and more.
Users often download rogue apps with a promise of free content but the apps can potentially install malware, exploit zero days and perform other malicious tasks.
The creators of the store bypassed security features that would prevent rogue downloads by using an Enterprise App distribution certificate that was issued by Apple and was most likely stolen or fabricated, the report said.