But the point of Jungle Runner isn’t to be a good game. When Eleftheriou turned on his VPN to make it look like he was in Turkey, the app was no longer a kids’ game, but rather a cryptocurrency casino touting deposit bonuses.
The shocking discovery was made by Kosta Eleftheriou, founder of the Apple Watch keyboard app FlickType and part-time malicious app sleuth. The app in question is called Jungle Runner, available for iOS, right there in the App Store. Marketed to little kids, the game is just a simple, piece of crap, side-scrolling running game where you are a monkey who collects coins while avoiding obstacles.
App gets around App Store security
the same thing happened if he tried other countries with his VPN, such as Italy and Kazakhstan. Of course, the casino face of Jungle Runner is an unlicensed online casino and would not normally be permitted in the App Store, but it seems that the developer got around this by not connecting the casino to Apple’s IAP. The casino seems to just run in a web browser, but it gets on people’s phones and tablets via the Jungle Runner game.
“This is a creative method of social engineering to bypass Apple’s technical security controls,” Chris Morales, CISO at Netenrich, told Threatpost. “Simple creative human intelligence beating machine learning. This is the same reason phishing still works and social engineering is the number one technique for attacks, not advanced malware.”
After Eleftherious posted about his findings on Twitter, Apple finally took the app down. The same developer also had “Magical Forest Puzzle” in the app store, which leads users to the same crypto casino.
The News Highlights
- “Jungle Runner” iOS Children’s Game is a Scam Crypto Casino
- Check the latest update on Gadgets news
For Latest News Follow us on Google News
- Show all
- Trending News
- Popular By week