A new iOS tool called TrollStore makes it easier to get apps onto your iPhone, even if they’re not from Apple’s App Store. At the same time, it could finally allow cybercriminals to break into Apple’s walled garden and distribute malware to iPhones.
According to a blog post (opens in new tab) from the mobile app security firm Guardsquare, TrollStore enables users to permanently install any app onto a non-jailbroken iPhone. While TrollStore easily allows iPhone users to install modded apps, cybercriminals could also leverage it to add malicious code to these apps.
First released at the beginning of September, TrollStore uses two recently discovered iOS vulnerabilities (tracked as CVE-2022-26766 (opens in new tab) and CVE-2021-30937 (opens in new tab)) to gain root privileges on an iPhone and sign modified applications.
Fortunately, both vulnerabilities have since been patched and upgrading to iOS 16 can help you avoid falling victim to any possible attacks. At the same time, TrollStore has the potential to wreak havoc on older iPhones and iPads that haven’t yet been updated with the latest software from Apple.
Sideloading apps on iOS
With one of the best Android phones, it has always been possible to sideload apps by downloading and installing an APK file. While this can be convenient for organizations that develop and distribute custom apps to their employees, sideloading apps can be quite dangerous for ordinary users.
Sideloading apps on iOS has always been much more difficult due to Apple’s policies which is why jailbreaking exists. When you jailbreak an iPhone, you gain full access to the root of the phone’s operating system and are able to access all of its features. This includes being able to install apps that are not on the App Store.
The reason TrollStore will likely be popular is due to the fact that it enables users to install modified apps without having to jailbreak their devices. However, this also makes things more difficult for app developers who often use jailbreak detection to ensure their apps aren’t repackaged by an attacker.
How to stay safe from modified iPhone apps
As we mentioned above, the easiest way to stay safe from modified iPhone apps is by updating your devices to the latest version of iOS. In order to work, TrollStore uses two iOS vulnerabilities that were patched with the release of iOS 15.2 and 15.5.
Even if you only download apps from the App Store, you could accidentally download a modified IPA file and install it on your iPhone the way you would with an APK file on Android. By upgrading to iOS 16 though, you won’t be able to install the file on your device.
Although you may know the dangers of downloading and installing third party apps from unknown sources, your children may not. For this reason, you also could consider adding one of the best parental control apps to their devices so that you can know exactly what they’re downloading online.
Now that TrollStore has been released for iOS 14-15.4.1, the tool’s creators are likely already looking for new vulnerabilities in order to bring their unofficial app store to even more Apple devices.
