Two-factor authentication is one of the most secure ways to protect your accounts from unauthorized access. Hackers and data spies are excluded by 2FA. But where security is supposed to be guaranteed, there are of course also the tricks of cyber criminals who exploit this desire for security for themselves. They are currently particularly keen to do this with dangerous authenticator apps.
How can you recognize dangerous authenticator apps?
Authenticator apps are becoming increasingly popular. As recently as March 2023, Twitter announced that it would be charging for its own authenticator service in future. Two-factor authentication via SMS will then only be available to paying users. Naturally, this has caused many users to look for an alternative for their Twitter accounts. This, in turn, is attracting cyber criminals who want to use this for their own purposes. So far, iPhones and the Apple App Store have been particularly affected. These contain a large number of dubious apps that pretend to be genuine authenticator apps. They even use the well-known names of secure apps and supposedly offer them for free. This makes it easier to find the “fake” apps via search. The dangerous authenticator apps therefore end up right at the top of the search. They can often also be clicked on via advertising banners or end up as prominent hits in the supposedly secure area of the search results. So pay close attention to what you click on and how these apps have achieved their high status in the search results.
This is what the dangerous authenticator apps are designed for
In most cases, the apps are subscription traps in disguise. As a rule, they do not offer what they advertise. Instead, they are designed to get users to take out a subscription. These subscriptions are of course anything but cheap and also offer no added value. They are simply subscription traps. They are also set up in such a way that they cannot simply be closed. Instead, a payment release opens when the subscription notice is closed and a quick, careless click can directly conclude the subscription. In addition, at least one dangerous authenticator app was found to pass on scanned QR codes to third parties. The assumption that other data is also not secure is obvious. In the future, these apps will probably go even further. Hackers are always coming up with new ideas on how they can obtain data or cause other damage with disguised apps.
Why Apple does not react
Normally, one would assume that Apple would take action against such fraud in its own App Store. However, this is proving relatively difficult in this case. Despite numerous complaints from the victims of these spy apps, Apple has nodded off the spy apps for the time being. Or rather, they are having problems tracking down the scammers. A functioning app project is used to feed the apps into the Apple Store. This template can be used to create new apps with new names, icons and descriptions. The apps are then uploaded via different developer accounts. This makes it almost impossible to uncover the scam. All apps that are uploaded to the App Store have to go through a review process. However, the apps themselves are disguised and structured in such a way that the scam is not noticed during this check. The fraudsters have therefore found a perfect scam to get their scam apps into the store. Apple will probably get to the bottom of it sooner or later. But we know that cybercrime never sleeps, so it’s only a matter of time before the next scam pops up.
Conclusion
Twitter’s announcement about charging for its 2FA method is not only making waves among disgruntled Twitter users. Cyber criminals are also using this announcement for their own purposes. At the moment, it’s mainly dangerous authenticator apps in the Apple App Store that you should watch out for. So don’t just blindly download something, but find out exactly where the app comes from beforehand.