The vulnerability of the App Store which becomes obvious from the existence of imitation application which seems to install unknowingly

One in 10 of Android applications is malwareAlthough it is said that, Apple's applications for iOS devices are delivered App Store has a rigorous review so it is extremely rare for apps containing malware and spy ads to be delivered. But the vulnerability of such an App StoreArs TechnicaPointed out.

A new app clone grifter shows App Store's weakness | Ars Technica
http://arstechnica.com/business/2014/05/a-new-app-clone-grifter-shows-app-stores-weakness/


"1 PasswordIs an application for safely storing login information and credit card information to web services on iPhone and iPad. It is compatible with 20 languages ​​including Japanese, and passwords can be used in sync with the PC.


Such a 1Password clone application is the screenshot shown below, and it is not an exaggeration to say that the application name and logo design are mostly circle pakuri. With the same application name as the original 1Password, the selling price was 1.99 dollars (about 200 yen) and it was sold cheaper for $ 16 (about 1600 yen) than the original home application. Jeffrey Goldberg of Agile Bits, the seller of 1Password for this application, said, "That app is of course not ours, we've seen fake apps before, but so far this is I have not seen it before. "I got a comment on Ars Technica by e-mail.


On the App Store, as you can see on Google PlayApplication with malwareIn order to eliminate unlawful things like apps with spam ads, the application will be strictly screened before publication and the application will be delivered after obtaining approval from Apple. Because of this severe judgment, the App Store is called "Walled Garden", but the details of this application examination criteria are not disclosed, especially recently " The regulation is getting loose with respect to the clone application.

Looking at the contents of a 1Password clone application, it is a bit of security and I recommend that users recommend pattern-based security less secure password. Furthermore, despite the password management application, the clone application seems to ask users to access the photos.

ByMike Cohen

For people who are delivering clone applications it is not important what "imitate the function of the application" is important, and "to look like" is an important point to the last. Then, the clone application copies the name and icon of the application, trying to get as many sales and advertisement revenue of as many apps in a while until it is deleted from the App Store. Also, developers in the App Store, like Google Play developers, have difficulty putting malware into applications, but it is possible to collect contact information and photos using the application.

And even if an app developer complains to Apple about a clone application, Apple is trying to set up a discussion place rather than immediately stopping the application. Like 1 Password in the pastClone applicationI was bothered by "A Beautiful Mess"Trey George, who is a sales manager at an app selling agency, says," I do not think that it is sanity, but we rarely can do legally, "said the frustration of fake apps I will tell you.


The creator of 1Password's clone application can also use the photo editing application "Afterlight"New Afterlight" which is a clone application of the "Where is My Partner?" And applications that track position information such as "Where is My Partner?"


Unlike A Beautiful Mess, 1Password is an old customer of Mac and iOS devices, and the app did not explode over the night and the application became extremely popular. It is a problem that apps can not be overlooked if it is true application developers that Apple has cheated and continued to distribute such apps fierce fake.

In addition, there are app developers suffering from pacri app in Japan too.

"Icon memo" which can be downloaded for free for a limited time, the reason is "to eradicate pakuri" - GIGAZINE