Shulou(Shulou.com)06/01 Report--

"illegal × × × App was cheated 120000 by impersonating an official platform user."

Why has it become a fraud trap and an underground cash machine when it has been approved by the Apple App Store and printed with welfare lottery LOGO? Recently, CCTV News reported that Mr. Mou, a Shandong iPhone user, had been cheated out of 120000 yuan for downloading × × × App, which attracted attention.

The report pointed out that after Mr. Mou downloaded the above × × App, he recharged 8000 yuan successively, and then he was told by the customer service that the recharged money must be purchased after winning the lottery. In order to recover the loss, Mr. Mou recharged 120000 yuan successively. It was not until he sought confirmation from the developer "Chongqing Welfare × × Distribution Center" marked by App that he learned that he had been cheated.

"this kind of fraud has only recently appeared in the Apple App Store, but this kind of illegal App has long been common in the Android app market, and it is also common for users to be cheated of 40, 000, 80, 000 and more than 100, 000 cases." Ali security Qian Dun anti-fraud laboratory technical expert fat pomelo pointed out.

Monitoring data from Qian Dun Anti-Fraud Laboratory show that in July this year alone, 1334 malicious applications related to class × × × were intercepted, with a total installation of more than 2.7 million, and the affected users were distributed all over the country, with Guangdong Province having the largest number of installed users, with about 590000 installed.

Distribution Map of malicious Application installation monitored by Qian Dun Anti-Fraud Laboratory

Illegal App bypasses Apple Audit in three ways

Apple users have always been the target group coveted by black ash products. although Apple manufacturers frequently update the software on the shelf audit mechanism, there are still many fake and illegal applications emerging.

Fat pomelo pointed out that illegal applications want to bypass Apple's regulatory mechanism to successfully install on users' devices, from a technical level, there are generally "using enterprise signatures", "camouflage × × games", "using dynamic distribution of code framework" three ways.

Take a game disguised as a × × class as an example, an H5 page is embedded in App and packaged as a × × class game. After it is put on the shelves in the Apple App Store, it is switched to a × × page, and users are induced to recharge through SMS or Wechat.

"illegal App will set some rules to induce victims to keep recharging, and cash withdrawals are never allowed." Fat pomelo said that the amount of money recharged by the victim is equivalent to buying game tokens in the game app. "even if the victim finds that he has been cheated, the illegal application can easily change the vest and frantically cover the shell in the background to continue to cheat, making it impossible for the victim to complain or recover the amount cheated."

This kind of illegal App can not only cause property losses to users, but also have the risk of stealing users' privacy and data.

With regard to the regulatory loopholes in the Apple App Store, Zhenhe, a senior security expert at Ali, suggested that the platform should require software developers to provide development qualifications and carry out phone and video authentication. "only in the form of business-to-public account transfer can we open an account to improve the difficulty and cost of App packaging vest accounts."

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.