PoC video:
This video is just a PoC (Proof of Concept) about how AppStore developers are making money by abusing the lack of experience of the Apple users.
In this video, we will discuss the Antivirus Zap. This application caught my attention because of the high volume of 5 stars reviews.
After a little research, I found out that this application was developed by a company called Voros Innovation.
This company does not have anything to do with cybersecurity, neither with the malware research or malware analysis, asking myself about how genuine is the product that they sell.
I fired up a new clean VMware machine and let's see what this application can do.
- I completed a full scan of the virtual machine which came back clean.
- Opened Safari and browsed to the MacKeeper website, in the hope that the antivirus has some active protection. Nothing was present.
- I did another scan, and surprisingly, the application flagged as "adware" the history files of Safari pointing to MacKeeper web site.
Now my question got the answer. The developer scam looks like this:
1. Add to their fake database signatures of so-called adware (i.e., in this case, the developer used everything that has mackeeper.com)
2. Flag history files as adware, because an inexperienced person will be delightful that the application works, without knowing that the flagged files are harmless.
3. Request the user to review your application to get more and more inexperienced users.
The scheme how this application got so many reviews, and it does not have anything to do with cybersecurity.
I wonder WHY Apple is allowing this to happen on the AppStore.
Powerful applications such as MalwareBytes, BitDdefender, TrendMicro, Avast and so on does NOT have so much gain and positive reviews.
The answer to this is simply because these companies are using a genuine way of doing business.
A piece of advice: NEVER BUY A ANTIVIRUS SOFTWARE FROM A NOT CYBERSECURITY COMPANY.
In this video, we will discuss the Antivirus Zap. This application caught my attention because of the high volume of 5 stars reviews.
After a little research, I found out that this application was developed by a company called Voros Innovation.
This company does not have anything to do with cybersecurity, neither with the malware research or malware analysis, asking myself about how genuine is the product that they sell.
I fired up a new clean VMware machine and let's see what this application can do.
- I completed a full scan of the virtual machine which came back clean.
- Opened Safari and browsed to the MacKeeper website, in the hope that the antivirus has some active protection. Nothing was present.
- I did another scan, and surprisingly, the application flagged as "adware" the history files of Safari pointing to MacKeeper web site.
Now my question got the answer. The developer scam looks like this:
1. Add to their fake database signatures of so-called adware (i.e., in this case, the developer used everything that has mackeeper.com)
2. Flag history files as adware, because an inexperienced person will be delightful that the application works, without knowing that the flagged files are harmless.
3. Request the user to review your application to get more and more inexperienced users.
The scheme how this application got so many reviews, and it does not have anything to do with cybersecurity.
I wonder WHY Apple is allowing this to happen on the AppStore.
Powerful applications such as MalwareBytes, BitDdefender, TrendMicro, Avast and so on does NOT have so much gain and positive reviews.
The answer to this is simply because these companies are using a genuine way of doing business.
A piece of advice: NEVER BUY A ANTIVIRUS SOFTWARE FROM A NOT CYBERSECURITY COMPANY.
