In as much as we know that technology is not entirely safe and anything connected to the internet has its setbacks, most Apple fanboys do not think that anything Apple has vulnerabilities. We have seen statements like “the App Store is tough, no malicious app can get in there”. This is the general idea of many Apple fanboys who do not want to own up to the simple truth. The truth is that the App Store is far from paradise. Apple may have stringent rules for the App Store but this does not mean that the App Store is impenetrable.
A developer, Kosta Elftheriou, recently exposed one popular but malicious app on the App Store. Although this app has all the characteristics of a malicious or scam app, it has been in the App Store for about four years.
According to Elftheriou, the app “AmpME – Speaker & Music Sync” claims that it can increase the volume of music you play by “syncing it with all of your friends’ phones, Bluetooth speakers, desktops, and laptops for FREE”. As of the time of this report, the application has about 100,000 downloads. Furthermore, it has over 50,000 reviews and its rating is 4.3-star.
This statistics is quite impressive and some Apple apps do not have. However, behind the blistering statistics lies the scam. AmpME shows a couple of traits characteristic of a scam app. Let’s look at the easy to understand scam characteristics of this app
1. The app comes with an auto-renew $10/week subscription, this will translate to a massive $520 a year. The outrageous bill is not all, the main scam pointer is that it is very “easy to sign up for but hard to cancel.”
2. The app review trend is another major scam pointer for AmpME. Firstly, there are huge spikes in the positive reviews. Scarcely, we find negative reviews but the thing is most of the positive reviews are from people whose names are not pronounceable.
Gizchina News of the week
This is typical of paid reviews. Of course, the few negative reviews do not have these traits because they are probably from real AmpME users. Therefore, “all that glitters are not gold”, AmpME drowns the negative reviews with fake positive reviews.
Loads of daily fake reviews with non-sensical reviewer “names”
Here is another shocker, Apple App Store has been featuring AMpME and “make millions”. Ironically, Apple’s taglines for the App Store say: “The apps you love. From a place you can trust. Every day, moderators review worldwide App Store chars for quality and accuracy (sic).”
This casts a huge question on Apple App Store security and the review process is not as “bulletproof as you think”.
Well, a few hours after the report hit the web, Eleftheriou posted a new update on Twitter. The post has the tag “update: app went poof”. We guess it took a Twitter thread for Apple to identify a scam app that has been sitting comfortably on its Store for four years.