News18 reported that Apple’s own TestFlight tool is a major concern for iPhone users because of the potential for malware to infiltrate the system.
Known as “CryptoRom,” the cybercrime campaign is distributing fake cryptocurrency applications to both iOS and Android customers.
While Android apps can be downloaded from third-party Play Stores, iOS has traditionally had a stricter check for malware infiltration.
Using Apple’s test-flight program, new developers are able to run their apps on a sample of 1,000 people before submitting them to the App Store for public consumption.
It has been discovered that pre-release applications on the App Store are not tested because of a loophole discovered by scammers.
The malware is embedded in a weblink and sent to the potential testers by the developers. As a result, there’s no way to tell if downloading the link is safe.
Apple does not even know about the malware-infected applications.
Even if the link is sent through TestFlight, the company asks users not to download any applications or software from untrusted sources.