Apple’s iOS App Store continues to host scammy, unethical apps
Posted on
by
Joshua Long
A couple months ago, we covered several suspicious apps that were in Apple’s iOS App Store. One mimicked the new “Threads, an Instagram app,” and others were unethical loan apps. At the time we published the article, Apple had removed the apps following public backlash.
We wish we could tell you that the App Store was perfectly free of scammy apps, but unfortunately such is not the case.
Over the past week, several more sketchy apps have come to light. Again, some of them are illegitimate loan apps that often seem to particularly target iPhone users in India. The apps mimic the names of legitimate financial institutions, but are reported not actually connected in any way with those companies.
On August 28, a financial tech engineer named Babu posted on X (formerly Twitter) about five fraudulent loan apps that Apple had recently removed from the App Store. According to his research, the apps had been downloaded as many as half a million times over the previous eight days.
Update: All these 5 fraud loan apps are now removed from App Store.
But, these were downloaded in approx 300-500K iPhones in the last 7-8 days.
This could have been stopped earlier.
Meanwhile, the scammers are busy uploading new fraud apps right now. In the next 2-3 days we'll… https://t.co/KLUQnuaAMk
— Babu (@pooniawalla) August 29, 2023
He posted again on August 31 about another loan app that masqueraded as a legitimate institution, Kirloskar.
As expected new fraud loan apps have started to appear in top finance charts in App Store 📲
Kirloskar Loan, using identity of Kirloskar Solar Technologies.
Kirloskar Group an Indian conglomerate est. in 1888, needs no introduction. It's also listed in BSE and NSE.
WTH @Apple… pic.twitter.com/mS4XhvwUaS
— Babu (@pooniawalla) August 31, 2023
A few hours later, Alex Kleber, an iOS scam app researcher, posted about a movie and TV show piracy app called Moshfocus that masqueraded as a to-do list utility.
I wonder how hard is for @Apple review team to properly review an application. Scam app that provides pirated movies disguised as To-Do App: https://t.co/PAXHYs23sX
Credit: @IM_Kevin_Archer thanks for sharing!— Alex Kleber a.k.a Privacy 1st (@privacyis1st) August 31, 2023
Developer Kevin Archer, who had initially discovered Moshfocus’s unadvertised behavior, later posted a video and additional details about the app.
I wonder how many Apple guidelines points this app is infringing 🤷♂️. More than this, it was released on 20 Dec 2022 and still active. You can do better than this @Apple. Thanks @privacyis1st for tweet. https://t.co/py5wVblanL pic.twitter.com/GveB0LcCtZ
— Kevin Archer (@IM_Kevin_Archer) August 31, 2023
Later that same day, I became aware of a fraudulent app that abuses the name and logo of Samourai, a Bitcoin wallet app for Android that isn’t available on iOS. If you read the fine print, the lookalike app claims to be for energy monitoring—but it’s clearly trying to exploit the name, logo, and reputation of the real Samourai app. One of the panels in the App Store touts that it “takes your privacy seriously.” That isn’t very likely, given the clear ethical violations of the app’s developer.
This Bitcoin wallet app is fake, according to the developer of the real Samourai app for Android. (The company doesn’t even make any iOS apps at all.)
It has been in the App Store since July 21, in spite of being reported multiple times.
Seriously, what is going on at Apple? 🤨 https://t.co/LBjUr93Qzw pic.twitter.com/a85euERdXl
— Josh Long (the JoshMeister) (@theJoshMeister) August 31, 2023
On September 3, Babu noted that three loan-scam apps, including the aforementioned Kirloskar lookalike, were ranking higher in the App Store’s finance apps section than a legitimate investment app.
4 days ago, 4 new apps released on @AppStore
1. Share•Market by PhonePe
2. Kirloskar Loan by loan scammers
3. Dure Credit by loan scammers
4. Rupee Credit by loan scammersFraud Loans apps entered into Top 10 Finance Apps while PhonePe's only at #60.
Apple 💕 Fraud Loan Apps pic.twitter.com/ogZS5kDTpK
— Babu (@pooniawalla) September 3, 2023
Just a few hours ago today, Babu posted about five new scam apps that were added to the App Store just this morning and were already trending.
These fraudulent loan apps appeared just this morning on App Store & within few hours they are trending in top charts.
Just yesterday 5 apps were removed and scammers launched 5 new fake apps overnight.
App Store and it’s Review has become a joke! 📲 pic.twitter.com/yoEHOG3lUY
— Babu (@pooniawalla) September 7, 2023
It seems that as soon as Apple removes a few apps, more pop up shortly thereafter. Babu maintains a GitHub page with a list of fraudulent loan apps that he’s tracking.
This is most likely not a comprehensive list of scam apps currently on the App Store. Once can imagine that many more illegitimate, fraudulent, or subversive apps probably lurk unnoticed in the App Store.
The key takeaway? Be very cautious about downloading any app—even from Apple’s employee-curated App Stores.
If you come across any App Store apps that you believe may be scams, please take the time to report them to Apple. It may take several people reporting an app before Apple decides to investigate.
We hope that Apple will, at minimum, start vetting finance-related apps much more carefully than it is at present.
How can I learn more?
Be sure to check out our previous, much more in-depth reporting about the fake Threads app and unethical loan apps from July.
After backlash, Apple removes fake Threads app, unethical loan apps from App Store
Each week on the Intego Mac Podcast, Intego’s Mac security experts discuss the latest Apple news, security and privacy stories, and offer practical advice on getting the most out of your Apple devices. Be sure to follow the podcast to make sure you don’t miss any episodes.
You can also subscribe to our e-mail newsletter and keep an eye here on The Mac Security Blog for the latest Apple security and privacy news. And don’t forget to follow Intego on your favorite social media channels: 
