Fake Camera+ app hits the iPhone App Store

Filed Under: Apple, Featured, iOS

Camera+ appHow much trust do you put in Apple's stewardship of the App Store - the online marketplace where you can download apps for your iPhone or iPad?

Chances are that you don't think twice about installing software from the App Store - after all, all the software up there has been verified by "Apple", right?

Well, just because Apple has put in procedures to police their App Store, and - unlike the Google Android platform - pre-approve each app, doesn't mean that fake or malicious apps have never appeared.

This weekend the iPhoneography blog spotted a bogus app posing as the popular Camera+ application.

Fake iPhone app in the App Store

Fortunately, iPhoneography's Glyn Evans realised something fishy was afoot and contacted Tap Tap Tap, the real makers of Camera+, and asked them to confirm whether the app - which claimed to be "THE MOST AMAZING CAMERA+ VERSION YET" - was legitimate or not.

We haven't been able to get our hands on a copy of the bogus app, so we cannot confirm if it contained any malicious functionality. It is possible that the popular app's name was being taken in vain, simply in order to try to earn some money from online purchases.

The good news is that, once notified, Apple quickly withdrew the bogus software from its App Store.

But questions still remain as to what went wrong with Apple's approval process.

Why didn't they notice that someone was uploading a false version of such a well-known app?

After all, Camera+ is currently the 14th best-selling app in the App Store - Apple should surely recognise if someone other than Tap Tap Tap tries to submit it to the store?

As always, be careful what applications you install on your computing devices - even if they come from the Apple App Store. It's not just fake software you have to watch out for, malicious code has made it into the App Store in the past.

, , , , , ,

You might like

12 Responses to Fake Camera+ app hits the iPhone App Store

  1. Fred · 1349 days ago

    Was not aware that Google Android platform does not have procedures to pre-approve each app and police their Market. Shame on Google!

    • Christian Gillinger · 1349 days ago

      On the other hand, if you know there is no pre-approval you know you need to make sure yourself that apps come from trustworthy sources.

    • Reinaldokool · 1349 days ago

      It's a two-edge sword. Apple gets to say no to social apps that they don't like. They've rejected apps from naturist organizations, sex education sources, etc. They bow to the uneducated idiots of the religious right.

      Google does not set itself up as a censor, they also don't take a large cut of the price. Open access is far better than censorship. But, yes, there is a price to pay. Users have to be better educated and use malware protection. (Though recently, the malware makers are getting pretty skilled at targeting Apple products.)

      • Franklin Veaux · 1348 days ago

        "Google does not set itself up as a censor, they also don't take a large cut of the price."

        Well, that's only kind of true.

        Google DOES remove apps from the Marketplace if the carriers tell them to. For example, Google has banned some tethering apps from the Marketplace at the request of the cell phone companies. Section 7 of the Google Developer's Agreement specifies that Google may remove any app found to be in violation of any policy by any of the cell phone carriers or device makers.Google has also removed video game emulators and banned their developers from the Marketplace.

        Google does not take a cut of the apps on the Marketplace. But the cell phone carriers do. Their cut is exactly the same as Apple's: 30%. If you are an Apple iOS developer, when you sell an app you get 70% and Apple gets 30%. If you are an Android developer, when you sell an app in the Google Marketplace you get 70% and the cell phone carriers get 30% divided up among them.

  2. Lynn · 1349 days ago

    It's all well and good to warn people to be careful, but how exactly does one determine they've downloaded a 'fake' version of any application? What happens when they do, are they simply out money they spent on it? I've purchased software called Better Keyboard from the Android Marketplace which was later pulled over a violation on the developer's other applications and left with no way to access it again without repurchasing it elsewhere. The developer refused to honor my Marketplace purchase when asked where to download it in the future if need be. This application can be found on Amazon.com and one other domain only if I pay twice for it! Good thing I just happened to back it up with another program I also purchased from the Android marketplace eh? So what exactly is Amazon.com doing to protect us from these sketchy developers? I notice there are several similar complaints such as mine about this person's business practices, yet the application remains for sale with them.

    This is yet another problem I see more of coming in the future of phone application customers.

  3. Machin Shin · 1349 days ago

    Well, after Apple threw a temper tantrum and attacked a security researcher for pointing out a flaw in the app approval process what you expect? Apple security like any security is not perfect. Add to that the fact that they have shown a willingness to attack those that want to help and what you get is people exploiting the holes instead.

  4. Jake · 1349 days ago

    Someone on the Inside? I bet it was that.

  5. Simon · 1349 days ago

    Pros and cons. Google do not approve apps, but Apple reject apps for business reasons. I think that at one point Google wanted a Chrome browser available and they shut it down as Safari should be the only browser available? I've since seen other browsers out there, maybe Google should resubmit!

    I would rather Everybody vetted their apps available myself. If there was a vetting aplication process involved in the Google Android Market process then the dodgy ones would decrease, meaning that they wouldnt be overwhelmed (which is proib the answer they would give now for not having a moderator)

  6. reinaldokool · 1349 days ago

    Actually there is a protection for Android users. Research the reviews for any product before installing it. And not just one review. It isn't perfect but there is no perfect.

    You have two choices in life: Be completely safe by spending all your life in protective mode. Or take some well-considered chances, but have a fuller life.

  7. Rick Bunker · 1349 days ago

    Is there any security software available for iOS? I know one can run anti-malware software on android (although I don't know how effective it is).

  8. DjFIL · 1349 days ago

    If Google doesn't want to set up their own department to vet apps... there should be some form of developer community vetting process, similar to that seen on Xbox Live Indie Games. To get your game publicly downloadable on XBLIG, the game developer community must give a specific number confirmations that it's bug free and provides ESRB-esque ratings (for sex/language/violence/etc) which gets posted with the game listing.

  9. MikeG · 1348 days ago

    Apple's App Store: One bad app out of over half a million apps. Better not go outside, you might get struck by lightning.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog at https://grahamcluley.com, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley