Fraudulent Kimi App
There’s a vision testing app called Kimi sitting at number eight in the Apple iOS App Store’s trending list of free entertainment apps right now (and number 46 overall for free apps!). But it’s not an app for testing your eyesight, at least not unless you consider watching pirated movies on your smartphone a form of vision testing, which, I suppose you could?
[…]
You open it, and there are just movies and TV shows right there for you to watch. There’s no splash screen and no trick to unlock the real app. It wasn’t hidden at all under a thin veneer of legitimacy.
The App Store description mentioned comparing two pictures as an eyesight test, watching scenery, and playing games, but none of those features were present in the app.
[…]
Apple pulled the app this morning after The Verge wrote about it, and it is no longer available.
This is the second time in the last week that Apple’s App Store has made headlines for questionable app approval.
Even if Apple were doing a good job of reviewing, there’s little they can do about apps that change their functionality outside of the review environment. Apple knows this but is still pretending that it’s even possible to do what they claim to do. High-profile apps like this get caught eventually, but there’s probably a large number of them that are unpopular and so stay under the radar.
Previously:
Update (2024-02-16): Jeff Johnson:
Incidentally, this problem applies to Mac app notarization too. A developer can easily notarize a harmless app that software updates itself into malware.
2 Comments RSS · Twitter · Mastodon
I think notarization was originally just a scam to be able to quickly collect a lot of binaries for analysis, for the purposes of developing Rosetta 2.
1) Ironic after the hoops I had to jump through to prove, for a streaming radio app, that the _station_ I was streaming from had the right to stream the audio.
2) The comments are astounding in their entitlement.