Chinese devs abuse free Apple app-testing certs to install pirated apps
A Chinese iOS application recently found on Apple’s official store contained hidden features that allow users to install pirated apps on non-jailbroken devices. Its creators took advantage of a relatively new feature that lets iOS developers obtain free code-signing certificates for limited app deployment and testing.
The number of malware programs for iOS has been very low until now primarily because of Apple’s strict control of its ecosystem. Devices that have not been jailbroken — having their security restrictions removed — only allow apps obtained from the official App Store, after they’ve been reviewed and approved by Apple.