[TheRecord] Apple argues against allowing app sideloading by pointing out Android’s malware figures

Apple said today that one of the reasons it does not allow app sideloading or the use of third-party app stores on iOS is because of privacy and security reasons, pointing to the fact that Android sees between 15 to 47 times more malware compared to its app ecosystem.

The company’s report comes as Apple is currently under an antitrust investigation in the EU for anti-competitive practices — namely for forcing app developers to use its proprietary App Store for app installations and payments.

The company is also facing issues in the US, where two senators put forward a bill in August that would force the company to open its devices to sideloading and third-party payment systems.

But in a report today, Apple says that the reason its iOS devices are locked into the App Store as the only way to install applications is for security reasons, as this allows its security teams to scan applications for malicious content before they reach users.

Apple cited statements from multiple sources (DHS, ENISA, Europol, Interpol, NIST, Kaspersky, Wandera, and Norton), all of which had previously warned users against installing apps from outside official app stores, a process known as app sideloading.

Image: Apple

Apple’s report then goes on to list multiple malware campaigns targeting Android devices where the threat actors asked users to sideload malicious apps hosted on internet sites or third-party app stores.

The list included malware campaigns such as Goontact, HiddenAds, FakeSpy, SpyNote, BlackRock, Banker.BR, TeaBot, Fusob, Anubis, FluBot, HelloSpy, MalLocker.B, CopyCat, Android.Click.312.origin, and FakeAdsBlock.

The list includes a host of threats, such as mundane adware, dangerous ransomware, funds-stealing banking trojans, commercial spyware, and even nation-state malware, which Apple said threat actors have spread by exploiting the loophole in Android’s app installation process that allows anyone to install apps from anywhere on the internet.

Forcing sideloading onto the iOS ecosystem would make iPhone less secure and trustworthy for users. This would be true regardless of whether sideloading occurred via direct downloads or through third-party app stores.


Today’s 31-page report [PDF] is the second iteration of the same report, with a first version [PDF] being published back in June, shortly after EU authorities announced their investigation.

The post Apple argues against allowing app sideloading by pointing out Android’s malware figures appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[BleepingComputer] Computer memory maker ADATA hit by Ragnar Locker ransomware

Taiwan-based leading memory and storage manufacturer ADATA says that a ransomware attack forced it to take systems offline after hitting its network in late May. […] Source: Read More (BleepingComputer)

Read More

[HackerNews] Haskers Gang Gives Away ZingoStealer Malware to Other Cybercriminals for Free

All posts, HackerNews

A crimeware-related threat actor known as Haskers Gang has released an information-stealing malware called ZingoStealer for free on, allowing other criminal groups to leverage the tool for nefarious purposes. “It features the ability to steal sensitive information from victims and can download additional malware to infected systems,” Cisco Talos researchers Edmund Brumaghin and Vanja Svajcer  Source: Read […]

Read More

[ZDNet] Norton’s cynical crypto ploy: A dark harbinger of crapware to come?

All posts, ZDNet

Anti-malware vendors are taking a page from the malware makers they’re supposed to be policing. What if all software vendors decide to embed crypto-miners and skim the profits? Source: Read More (Latest topics for ZDNet in Security)

Read More