Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Security Strategy, Plan, Budget, Vulnerability Management, Threat Management, Threat Management, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

DarkSideLoader rogue app store available to non-jailbroken iOS devices

Share

A rogue app store, dubbed “DarkSideLoader," accessible from anywhere in the world, allows users to download iOS apps to non-jailbroken iOS devices, researchers at Proofpoint revealed in a security report.

Previously, rogue app stores created for non-jailbroken devices only appeared to be accessible from devices connecting to them with Chinese IP addresses. The researchers warned that DarkSideLoader represents a global expansion of an attack technique that could put users at risk of someone gaining unauthorized access to a device's operating systems and more. 

Users often download rogue apps with a promise of free content but the apps can potentially install malware, exploit zero days and perform other malicious tasks.

The creators of the store bypassed security features that would prevent rogue downloads by using an Enterprise App distribution certificate that was issued by Apple and was most likely stolen or fabricated, the report said.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.