Apple App Store game for kids found to be a front for secret online casino

A cybersecurity researcher has uncovered a scam app that disguises itself as a kids' app but in fact turns into an online casino. The app behaves that way only for IP addresses from certain countries, such as Turkey.

(Image: Twitter/ Kosta Eleftheriou)

Highlights

  • The app was listed on the App Store before being reported and taken down.
  • It opens an online casino when launched in Turkey or over a Turkey-based connection through a VPN.
  • The app has scammed several iOS users, and there is no way of knowing how much money it made for the threat actors.

Apple and Google have long faced the challenge of keeping their app stores clear of malicious activity. Still, such threats manage to lurk in some corner of the two companies' app stores in one form or another. One such threat detected recently disguised itself as a kids' game on Apple iOS.

The malicious app is called Jungle Run and is, in essence, a 2D coin-running game meant for children. It was, however, found to be a facade for a cryptocurrency-based online casino for those who use it in Turkey. The game was live on the App Store before it was recently reported as the gateway to the illicit online platform and taken down.

The malicious app was reported by Kosta Eleftheriou in a recent series of tweets. Eleftheriou works on exposing such scam iOS apps and shared his findings on Jungle Run with the App Store on Twitter.

According to Eleftheriou, the game disguises itself as a silly 2D game for children aged four years and above. However, if the same app is run in Turkey, it opens a shady online casino, likely to trick users into spending money. The redirection also works when the device connects through a VPN set to that country.

"This @AppStore app pretends to be a silly platformer game for children 4+, but if I set my VPN to Turkey and relaunch, it becomes an online casino that doesn't even use Apple's IAP," Eleftheriou wrote.

Eleftheriou further claimed that the app used fake advertisements and claims of having been featured on CNN to gain credibility. Once the victim follows the ad, he or she is taken to another App Store page.

He remarks that since the app is free on the App Store, people tend to trust it without questioning this redirection. He mentions that the app has been scamming users on the App Store for a few months and has even "received a couple of updates."

Eleftheriou also points out that there is, in fact, another iOS app that does the same thing. He says that the apps do so to pass the App Review put in place by Apple, and that this is a reminder of Apple's lack of security on its iOS platform.

Judging from the reviews on the App Store, Eleftheriou highlights that people have already lost money to the scam app and that it is impossible to know how much money the app has generated for its perpetrator. Apple has not yet provided an official statement on the finding, but the app seems to have been taken down from the App Store.