US technology multinational Apple Inc. is set to allow iPhone users within the European Union capability to install applications outside the App Store. The move by Apple Inc. to allow applications sideloading prompted the blockchain security firms to warn that the practice would aggravate the susceptibility to malware targeting crypto users.
EU iPhone Users to Access Applications Beyond Official Store
The Thursday, November 9 publication by Computer World revealed that Apple plans to allow iPhone users across the European Union to install third-party applications. The move captured in Apple’s financial filing indicates the preparedness of the US tech giant to adjust its business model to ensure compliance with the region’s legislative initiatives impacting the Apple Store.
The publication by Computer World indicates that scrapping Apple’s restrictive policy will eradicate barriers that hinder EU iPhone users from accessing apps beyond the official store. Doing so would comply with the EU Digital Markets Act, as illustrated in a late 2022 publication by Bloomberg.
On Monday, November 13, blockchain security specialist SlowMist outlined that app sideloading would subject iPhone users to multiple phishing attacks. The report warned that iPhone users will suffer six-figure dollar losses from phishing attacks witnessed among Chinese Android users.
SlowMist attributed the losses to the fake Skype application that the Android users unknowingly downloaded from third-party and outside the usual Google Play Store. As such, SlowMist indicated that if Apple enables the app sideloading, it would expose crypto users to heightened risks of phishing attacks, asset theft, and account credentials theft.
Blockchain security firm Halborn chief operating executive David Schwed warned against Apple’s plan to permit sideloading apps. Implementing sideloading of apps would expose iPhone users to inherent risks posed by malicious developers whose applications often mimic legitimate ones. The malware developers target stealing user data.
Schwed observed that Apple iPadOS and iOS often integrate multiple security features, including Address Space Layout Randomization (ASLR), sandboxing, and declared entitlements. Blockchain security experts considered that such protections hardly offer necessary protections to mitigate the risks.
Schwed warned that malware developers are skillfully crafting and unveiling deceptive applications. Such are designed to exploit the users’ trust and orchestrate data theft, including personal credentials.
Blockchain Security Firms Against Apple’s App Sideloading
The alerts issued by the blockchain security firms echo the previous warning issued by Apple Inc. in October 2021 regarding the risks users faced in the event it sideloaded apps. In particular, the October 2021 whitepaper illustrated that sideloading apps would expose users to malware since cybercriminals can easily.
Apple warned in its White Paper that cybercrime risks would still arise even when sideloading is limited to listed third-party app stores. In particular, Apple observed that present cybercriminals could leverage their sophisticated skills to lure users into sideloading applications that imitate App Store appearance.
The filing by Apple portrays the preparedness to comply with DMA, a move expected to compel it to embrace payments from third-party services. Also, it will necessitate forbidding Apple from ever shipping applications preloaded.
Mechanism to Safeguard Against Phishing Attacks
The blockchain security firms indicated that crypto users could protect themselves from phishing attempts lodged via sideloading applications. SlowMist warned the crypto users from clicking unknown links.
SlowMist spokesperson warned users to verify their authorization and digital asset passwords continually. However, mastery of the primary method to identify phishing links and maintain suspicion is critical.
SlowMist cited the need for crypto users to embrace the Blockchain Dark Forest provisions outlined in the Safeguard handbook.
Halborn’s operations executive directed the crypto users to scrutinize the origin of sideloaded applications proactively. As such, the users would need to reexamine the credibility of the application developer.
Schwed reiterated that the best protection to avert sideloaded malware is avoiding sideloading applications. Such would involve the users exercising the preference for applications availed by established and reputable apps from mainstream app stores, including Apple and Google Play Store. The two stores conduct rigorous security reviews to reduce the susceptibility to encountering harmful software risks.