Pirated App Store Client For iOS Found On Apple's App Store (helpnetsecurity.com)

← Back to Stories (view on slashdot.org)

Pirated App Store Client For iOS Found On Apple's App Store (helpnetsecurity.com)

Posted by timothy on Monday February 22, 2016 @02:21AM from the infinite-recursion dept.

An anonymous reader writes: An app called "Happy Daily English", which has been offered for download via Apple's official App Store, has been revealed to be a fully functional third party App Store client for iOS, offering users in mainland China a way to install modified versions of iOS apps on non-jailbroken devices. Its discovery shows that there are new techniques that can be used to fool Apple reviewers into allowing potentially malicious apps into the App Store, that enterprise certificates can be easily abused, and that there are ways for bypassing Apple's prohibition of apps dynamically loading new code.

55 comments

Min score:

Reason:

Sort:

Oh. by Anonymous Coward · 2016-02-22 02:28 · Score: 0, Insightful

Apple products aren't as secure as all the hipsters want us to believe? Say it aint so.
1. Re:Oh. by Anonymous Coward · 2016-02-22 02:39 · Score: 0, Offtopic
  
  ITT Denial, hurt feelings, excuses and rage against the non-believers. Prepare to be modded down and flagged inappropriate!
2. Re:Oh. by Anonymous Coward · 2016-02-22 04:10 · Score: 1
  
  Yes, they are. Didn't you read the word "jailbroken"?
  Didn't you read the word "non-jailbroken"?
3. Re:Oh. by U2xhc2hkb3QgU3Vja3M · 2016-02-22 06:26 · Score: 2
  
  Didn't you don't not read the non-word not "non-jailbroken"?
4. Re:Oh. by Falos · 2016-02-22 07:27 · Score: 2
  
  I... uh... maybe?
5. Re:Oh. by slashdotwannabe · 2016-02-23 10:28 · Score: 1
  
  Yes I no I didn't.
  
  --
  This comment is my opinion and does not represent an official position of Donald Trump or others I do not work for
Easy removal? by mwvdlee · 2016-02-22 02:32 · Score: 3, Insightful

I'm assuming Apple's walled garden approach makes it so much easier to remove this app and any apps, virusses and trojans potentially installed by it.

--
Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
1. Re:Easy removal? by AmiMoJo · 2016-02-22 02:52 · Score: 4, Informative
  
  Not at all, Android can do the same and doesn't need the walled garden to do it. Play Services on Android will scan even sideloaded apps, and can remove apps that are found to be malicious no matter where they come from.
  
  --
  const int one = 65536; (Silvermoon, Texture.cs)
  SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
2. Re:Easy removal? by Anonymous Coward · 2016-02-22 06:51 · Score: 1
  
  Well Android is likly going to have a harder time preventing it from being resubmitted and showing up again.
  Apple can deny any app that looks superficially similar to this one if they want to.
3. Re:Easy removal? by rsborg · 2016-02-22 07:12 · Score: 2
  
  Not at all, Android can do the same and doesn't need the walled garden to do it. Play Services on Android will scan even sideloaded apps, and can remove apps that are found to be malicious no matter where they come from.
  And theoretically, the Police may be able to arrive on-scene before the criminals depart... but that only seems to be feasible in environments where crime isn't rampant. Let's face it, the walled-garden approach does result in better overall security for users (at a price), not unlike gated communities.
  
  --
  Make sure everyone's vote counts: Verified Voting
4. Re:Easy removal? by Anonymous Coward · 2016-02-22 08:57 · Score: 0
  
  Not at all, Android can do the same and doesn't need the walled garden to do it. Play Services on Android will scan even sideloaded apps, and can remove apps that are found to be malicious no matter where they come from.
  It cannot remove malware if they were installed as part of Samsung/ISP's image, like DSMlawmo.
5. Re:Easy removal? by Anonymous Coward · 2016-02-22 09:15 · Score: 0
  
  Apple's walled garden and reviews is claimed to prevent this in the first place.
Law Enforcement Implications by dlleigh · 2016-02-22 02:34 · Score: 5, Funny

So the FBI doesn't need Apple to help them get the information on the San Bernadino shooter's phone after all. They can just ask the Chinese.
1. Re:Law Enforcement Implications by Coisiche · 2016-02-22 02:41 · Score: 2
  
  They're not going to tell anyone, let alone the FBI, if they have technique for getting information from locked iPhones. Many western politicians use them and that would be too good a source of intel to pass up.
2. Re:Law Enforcement Implications by U2xhc2hkb3QgU3Vja3M · 2016-02-22 03:07 · Score: 3, Funny
  
  And what would be a good source of AMD?
3. Re: Law Enforcement Implications by Anonymous Coward · 2016-02-22 03:28 · Score: 0
  
  I know some fellows who are in charge of securing the president and other high officials. They said it would be easier if it weren't for their obsession with iThings.
4. Re: Law Enforcement Implications by Anonymous Coward · 2016-02-22 03:57 · Score: 0
  
  Last time I looked you could buy AMD 8088 processors on eBay. Not sure, though, if they are NOS or pulls.
I knew something was suspicious about that app by NotDrWho · 2016-02-22 02:44 · Score: 1, Troll

The first clue was that is was called "Happy Daily English" instead of the proper "Happy Daily Engrish"

--
SJW's don't eliminate discrimination. They just expropriate it for themselves.
1. Re:I knew something was suspicious about that app by Anonymous Coward · 2016-02-22 02:54 · Score: 0
  
  Come come. It's "Happy Day-re Engrish" *ducks*
2. Re:I knew something was suspicious about that app by AmiMoJo · 2016-02-22 02:58 · Score: 3, Informative
  
  This is a really weird myth. The Chinese can say the L sound perfectly, it's actually the R sound that they have some slight issues with. Koreans too, which makes that puppet film all the more bizarre.
  The Japanese have some issues with the L sound, which I guess must be the origin of the myth. Japanese, Chinese, Korean, all the same, right?
  
  --
  const int one = 65536; (Silvermoon, Texture.cs)
  SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
3. Re:I knew something was suspicious about that app by U2xhc2hkb3QgU3Vja3M · 2016-02-22 03:08 · Score: 1
  
  Japanese, Chinese, Korean, all the same, right?
  Exactly! Just like people from France and Québec are the same, and people from the UK, the U.S.A. and Australia are the same.
4. Re:I knew something was suspicious about that app by Anonymous Coward · 2016-02-22 03:21 · Score: 0
  
  Actually, for a chinese speaker, it's not that an r is unpronouncable, it's just that in the Chinese language, there is no difference between r and l. For a chinese speaker, it's quite complicate to distinguish between the two phonems, because any chinese word keeps its meaning wether you pronounce the 'l' as 'r' or vice versa, other than in english, where for instance 'raw' and 'law' are two distinct words with distinct meaning. In the Chinese language, there is no such example.
  A linguist would say that for a chinese speaker, there is no semantic difference between the l- and the r-sound.
5. Re:I knew something was suspicious about that app by Anonymous Coward · 2016-02-22 03:44 · Score: 0
  
  No, it's more like people from England and France are all the same... (in the historical and linguistic sense...)
6. Re:I knew something was suspicious about that app by Anonymous Coward · 2016-02-22 03:47 · Score: 0
  
  Well, yes, but Chinese having no problems with the l sound is mainly only for syllable initial l. Syllable final l is often mispronounced or dropped altogether in Chinese accented English. This is because Chinese has no syllable final l.
  IAAL (I am a Linguist)
7. Re:I knew something was suspicious about that app by Anonymous Coward · 2016-02-22 04:00 · Score: 1
  
  The Japanese have some issues with the L sound, which I guess must be the origin of the myth.
  The problem is R is pronounced very differently depending on where you are as well as which word it's used in. Japanese has 5 characters with the sounds ra, ri, ru, re, ro (unicode missing, look up hiragana on wikipedia if you like). Here is the twist: it's a very weak R, much like the Icelandic R and to some degree much like R sounds like in many European languages. However when Americans read the letter R, they pronounce it very strongly, which makes it sound really weird in Japanese.
  The result is that those letters are then written with Ls instead of Rs to make it sound more correct when Americans try to pronounce Japanese words. Most Europeans still needs R for best match, which mean it ended up something like L when writing US English and R when writing British English or German. With little or no knowledge of word pronunciation in the west, this is reduced to it should sometimes be R and sometimes L. To make matters worse, they are interchangeable when writing Latin letters, which the computer then converts into Japanese (the most normal way to type). It's the perfect setup for mixing up those two letters.
  There are no other really confusing parts in writing Japanese with English characters. The rest of the issues are more strait forward and will not cause outstanding errors in English. A good example is Tokyo, which in Japanese have writing to extend the vowels and the Japanese spelling/pronunciation is actually Toukyou. A little different, but nothing which cause problems when trying to write English.
  If anything, the Americans are just as guilty for the R/L confusion as the Japanese. After all if the R sound had stayed European, the problem wouldn't exist. However I don't want to blame anybody for this because nobody living today had any influence on it and nobody caused this problem intentionally. Knowing that doesn't make the problem go away and even knowing the cause of it, I still get confused about it from time to time when trying to write Japanese words with Latin letters and I'm not even a native Japanese speaker.
  If anybody is to be blamed for weird English/Japanese spelling, it should be those responsible for writing English loanwords in Japanese. Computer is spelled konputa and this is a very general rule. The words sounds sort of the same, but the spelling is different. In other languages the English word computer is introduced with the same spelling or occasionally they get a local name, which doesn't try to sound like English. The whole concept of sounding like English with a different spelling is very flawed and possibly a much bigger source of English misspelling than the R/L issue. Unlike the R/L issue, the English loanwords are intentionally introduced that way and all are created after WW2. This mean this is a created problem rather than something, which just happened.
8. Re:I knew something was suspicious about that app by Flavianoep · 2016-02-22 04:08 · Score: 1
  
  No, it's more like people from England and France are all the same... (in the historical and linguistic sense...)
  Not in the linguistic sense, at all! English and French have been proven to be related, with high confidence. The same cannot be said about Japanese and Korean; nor do either of them even seem to be related to Chinese.
  
  --
  Linux is for people who don't mind RTFM.
9. Re:I knew something was suspicious about that app by Falos · 2016-02-22 07:34 · Score: 1
  
  Nah mate, we ain't grokkin that, not in my house, y'feel me? Peace.
  
  https://xkcd.com/771/
10. Re:I knew something was suspicious about that app by Required+Snark · 2016-02-22 08:28 · Score: 1
  
  You are a racist fuck.
  
  --
  Why is Snark Required?
11. Re:I knew something was suspicious about that app by NotDrWho · 2016-02-22 09:02 · Score: 1
  
  Is that arr you got, pussy?
  
  --
  SJW's don't eliminate discrimination. They just expropriate it for themselves.
12. Re:I knew something was suspicious about that app by _merlin · 2016-02-22 12:22 · Score: 1
  
  You can't spell an imported word the same way it's spelled in the original language if your alphabets don't line up.
13. Re:I knew something was suspicious about that app by jrumney · 2016-02-22 17:10 · Score: 1
  
  Japanese has 5 characters with the sounds ra, ri, ru, re, ro (unicode missing, look up hiragana on wikipedia if you like). Here is the twist: it's a very weak R
  I'm not sure what you mean here by weak, but it is a rolled r, something between the English R and L sounds, exactly where between those sounds is dependant on dialect. The key thing though, is that they do not have two different sounds for R and L, so when they pronounce an English word with their in-between Japanese R, it can easily sound like they've mixed them up. And because it is the same sound to them, they often confuse R and L in written English (sometimes it seems they are wrong more often than right).
  
  Computer is spelled konputa
  Konpyuuta.
  
  The whole concept of sounding like English with a different spelling is very flawed
  Really? Can you name a language which does things differently?
  
  and all are created after WW2
  Not at all. Using foreign loan words was discouraged for a few years during WW2, but there were a lot of English, Portuguese and other loan words being spelt in katakana well before then.
14. Re:I knew something was suspicious about that app by Anonymous Coward · 2016-02-23 08:14 · Score: 0
  
  And that changes things how?
There were warning signs... by Harold+Halloway · 2016-02-22 02:49 · Score: 2

The occurrence of the words 'happy' and 'English' in the same sentence should have started alarm bells sounding.
1. Re:There were warning signs... by Anonymous Coward · 2016-02-22 02:55 · Score: 0
  
  It's the weather.
2. Re:There were warning signs... by AmiMoJo · 2016-02-22 03:07 · Score: 2
  
  Maybe it's just the English version of Happy Daily. There are lots of alternative app stores for iOS in China. They allow you to browse apps through their own interface and often have tie ins with social networks and let you earn virtual currency for using them. When you actually go to install an app it takes you directly to the right screen in the Apple app store.
  I saw a Chinese friend setting up a new iPad a few years back, She installed some third party app store, logged in to here QQ account and could see all the stuff her friends had installed so was able to find the apps she wanted quickly. When one of her friends mentions some cool new app, she only has to open the app store and it's right there without having to search.
  
  --
  const int one = 65536; (Silvermoon, Texture.cs)
  SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
Re:I dont have apple & dont give a fuck by U2xhc2hkb3QgU3Vja3M · 2016-02-22 03:06 · Score: 1

Right on! Come join my World of Warcraft guild, dude!
Oh wait...
points for happy daily english by Anonymous Coward · 2016-02-22 03:12 · Score: 0

my chuckle of the day
Times change by SmaryJerry · 2016-02-22 03:42 · Score: 2, Insightful

The biggest reason macs had "no viruses" were that they also had no users so it wasn't worth it for a hacker. Now that Apple products are mainstream, all that changed.
1. Re:Times change by Anonymous Coward · 2016-02-22 05:11 · Score: 0
  
  The biggest reason macs had "no viruses" were that they also had no users so it wasn't worth it for a hacker. Now that Apple products are mainstream, all that changed.
  They STILL have no VIRUSES.
  No one can stop Trojans.
2. Re: Times change by Anonymous Coward · 2016-02-22 05:14 · Score: 0
  
  How is this modded insightful?
3. Re:Times change by malditaenvidia · 2016-02-22 05:25 · Score: 1
  
  That and MacOS X being standard UNIX, so it has proper security in place. Last time Windows had anything even remotely resembling, people shunned Vista and painted it as the worst OS ever.
4. Re: Times change by Anonymous Coward · 2016-02-22 12:09 · Score: 0
  
  For the same reason as a post a few weeks ago was modded informative with a score of 5 even though people replied to it with links proving that all the facts were made up and wrong. The replies (lots of them) were never modded up to more than around 2. While the modding system works most of the time, it still relies on semi-random humans to judge and that fails quite badly once in a while.
Apps apping other apps! by Anonymous Coward · 2016-02-22 03:51 · Score: 0, Troll

Modern app appers know ONLY apps can app apps, so this app is super appy because it apped an app to let it app other apps!
Apps!
I want an Android app that's a jailbreak loader by davecb · 2016-02-22 04:05 · Score: 2

If one can load apps on a nominally un-jail-broken apple, how about one to load (and remove) apps from an android? My phone is full of crapware. amd I want a wifi tracking app that wants a jailbroken phone (:-))

--
davecb@spamcop.net
1. Re:I want an Android app that's a jailbreak loader by Trax3001BBS · 2016-02-22 08:25 · Score: 1
  
  If one can load apps on a nominally un-jail-broken apple, how about one to load (and remove) apps from an android? My phone is full of crapware. amd I want a wifi tracking app that wants a jailbroken phone (:-))
  Android on a Motorola? Google will help you (not the search) but the company. Only requirement is google apps must be installed, but a hosts file will cover that.
or.... by JustNiz · 2016-02-22 04:27 · Score: 2

the Apple store guardians actually saw through it straight away but decided to let it through anyway since it actually promotes free speech/Apple's own agenda and because its a 3rd party app, it gives them plausible deniability.
1. Re:or.... by Anonymous Coward · 2016-02-22 05:14 · Score: 0
  
  the Apple store guardians actually saw through it straight away but decided to let it through anyway since it actually promotes free speech/Apple's own agenda and because its a 3rd party app, it gives them plausible deniability.
  I missed the sarcasm tag. Did you forget it?
QA by stealth_finger · 2016-02-22 04:36 · Score: 1

I was under the impression that apple QA was 1) Does it do something we do? and 2) Is it pretty enough?. Arguably the first clause should've got this one but if its disguised a bit or in Chinese then no wonder it got past them.

--
Wanna buy a shirt?
https://www.redbubble.com/people/stealthfinger/shop?asc=u
1. Re:QA by Anonymous Coward · 2016-02-22 23:33 · Score: 0
  
  I was under the impression that apple QA was 1) Does it do something we do? and 2) Is it pretty enough?. Arguably the first clause should've got this one but if its disguised a bit or in Chinese then no wonder it got past them.
  The only reason it went through is because that it would infact originally teach you Chinese, but if you are launching the app and it thinks you're Chinese, it will open the "App Store" version. Apple never saw it because they were most likely testing in the USA.
Sucks by Anonymous Coward · 2016-02-23 02:25 · Score: 0

Eat s***