About 2% of the 1,000 top grossing apps on the Apple App Store are scams, The Washington Post reports.
Market research firm Appfigures said that such apps have earned approximately $48 million while they were still in the app store, of which Apple also had a cut.
The Post's analysis also showed that "fleeceware apps" that leverage phony customer reviews to boost App Store rankings are even more prevalent. Apple has already removed two-thirds of the 18 fleeceware apps flagged by The Post.
Apple has long touted the security of its App Store due to its exclusive control on the app marketplace for iOS users, but experts said that such monopoly has allowed Apple to be complacent and provide a false sense of security.
"If consumers were to have access to alternative app stores or other methods of distributing software, Apple would be a lot more likely to take this problem more seriously," said Stan Miles, economics professor at Thompson Rivers University in Canada.
However, Apple spokesperson Fred Sainz said that the company will continue acting against harmful apps.
Jill Aitoro is senior vice president of content strategy for CyberRisk Alliance. She has more than 20 years of experience editing and reporting on technology, business and policy. Prior to joining CRA, she worked at Sightline Media as editor of Defense News and executive editor of the Business-to-Government Group. She previously worked at Washington Business Journal and Nextgov, covering federal technology, contracting and policy, as well as CMP Media’s VARBusiness and CRN and Penton Media’s iSeries News.
Qualcomm on Tuesday disclosed nearly two dozen security vulnerabilities in its chipsets, including the company’s flagship suite of SnapDragon processor chips and affecting products that range from cars to powerline communications.
Open source software utilization has been scaled back by nearly 40% of industry professionals due to security concerns, with more than 50% reducing open source usage following the emergence of the widespread Log4j vulnerability, The Register reports.
New security vulnerabilities have been added by Keksec threat group, also known as Kek Security, FreakOut, and Necro, to its Enemybot Linux-based botnet to attack web servers, content management systems, and Android devices, reports The Hacker News.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news