Using so-called enterprise developer certificates, pirate operators are providing modified versions of popular apps to consumers, enabling them to stream music without ads and to circumvent fees and rules in games, according to a Reuters report.
Software pirates have hijacked technology designed by Apple Inc to distribute hacked versions of Spotify, Angry Birds, Pokemon Go, Minecraft and other popular apps on iPhones, according to findings from Reuters.
Illicit software distributors such as TutuApp, Panda Helper, AppValley and TweakBox have found ways to use digital certificates to get access to a program Apple introduced to let corporations distribute business apps to their employees without going through Apple’s tightly controlled App Store.
Using so-called enterprise developer certificates, these pirate operations are providing modified versions of popular apps to consumers, enabling them to stream music without ads and to circumvent fees and rules in games, depriving Apple and legitimate app makers of revenue.
By doing so, the pirate app distributors are violating the rules of Apple’s developer programs, which only allow apps to be distributed to the general public through the App Store.
Downloading modified versions violates the terms of service of almost all major apps.
TutuApp, Panda Helper, AppValley and TweakBox did not respond to multiple requests for comment.
Apple has no way of tracking the real-time distribution of these certificates, or the spread of improperly modified apps on its phones, but it can cancel the certificates if it finds misuse.
“Developers that abuse our enterprise certificates are in violation of the Apple Developer Enterprise Program Agreement and will have their certificates terminated, and if appropriate, they will be removed from our Developer Program completely,” an Apple spokesperson said. “We are continuously evaluating the cases of misuse and are prepared to take immediate action.”
After Reuters initially contacted Apple for comment last week, some of the pirates were banned from the system, but within days they were using different certificates and were operational again.
Since the App Store debuted in 2008, Apple has sought to portray the iPhone as safer than rival Android devices because Apple reviews and approves all apps distributed to the devices.
Early on, hackers “jailbroke” iPhones by modifying their software to evade Apple’s controls, but that process voided the iPhone’s warranty and scared off many casual users.
The misuse of the enterprise certificates seen by Reuters does not rely on jailbreaking and can be used on unmodified iPhones.