Apple

17264 readers

177 users here now

Welcome

to the largest Apple community on Lemmy. This is the place where we talk about everything Apple, from iOS to the exciting upcoming Apple Vision Pro. Feel free to join the discussion!

Rules:

No NSFW Content
No Hate Speech or Personal Attacks
No Ads / Spamming
Self promotion is only allowed in the pinned monthly thread

Lemmy Code of Conduct

Communities of Interest:

Apple Hardware
Apple TV
Apple Watch
iPad
iPhone
Mac
Vintage Apple

Apple Software
iOS
iPadOS
macOS
tvOS
watchOS
Shortcuts
Xcode

Community banner courtesy of u/Antsomnia.

founded 1 year ago

MODERATORS

MichelleG@lemmy.world

RoyalEngineering@lemmy.world

thisisdee@lemmy.world

159

First ever iOS trojan discovered — and it’s stealing Face ID data to break into bank accounts (www.tomsguide.com)

submitted 7 months ago by willya@lemmyf.uk to c/apple_enthusiast@lemmy.world

42 comments fedilink hide all child comments

cross-posted from: https://lemmyf.uk/post/5813538

First ever iOS trojan discovered — and it’s stealing Face ID data to break into bank accounts

you are viewing a single comment's thread
view the rest of the comments

[–] stevenm2406@sh.itjust.works 2 points 7 months ago

Exactly. It would be complicated to pull off something like this via side loading given that Apple’s proposal requires apps to be hosted on an alternative store rather than just being a single app that you could download (like APKs on Android). The paragraph below from their Newsroom post about the changes being made also suggests there will still be some form of app review happening for apps even if they aren’t being hosted on the App Store.

Notarization for iOS apps — a baseline review that applies to all apps, regardless of their distribution channel, focused on platform integrity and protecting users. Notarization involves a combination of automated checks and human review.

It would be easier for a scammer to use an MDM profile like they did with this scam rather than trying to trick people into side loading.