#Get vshare for iphone android
On Android devices this can be done by enabling the settings to download apps from unknown sources in the general device settings. Sideloading is the process of downloading and installing apps onto a mobile device from a source that is not an official consumer app store or a valid enterprise app store. 1)įigure 1: An iPhone configuration profile that is installed by vshare app marketplace This technique also makes it possible to load onto the iOS devices configuration profiles that would allow an attacker to configure VPN settings to redirect network traffic to their man-in-the-middle nodes, as well as change various OS settings (Fig. The vShare marketplace is noteworthy in that it is accessible to iOS devices connecting from anywhere in the world, representing a global expansion of this attack technique. While researchers have previously documented instances of rogue app stores targeting non-jailbroken iOS devices, these marketplaces appeared to be only accessible to devices accessing them from a Chinese IP address.
#Get vshare for iphone install
On Android, we have found attempts to root devices, install apps without user permission, and communicate to known malicious sites on the Internet.Ĭircumventing the official Apple app store vetting process makes it possible to download apps that could act as Remote Access Trojans, allowing attackers access to mobile devices of employees when they are active on internal corporate networks. Proofpoint researchers have studied both the Android and iOS app marketplace that is accessed by the vShare DarkSideLoader marketplace app. The example of Android apps demonstrates the potential of this threat. These apps could also use known or zero-day security vulnerabilities that could lead to devices being jailbroken or granting administrator privileges to these illegitimate apps. These apps can make use of private iOS APIs to access operating system functions that would not be permitted by apps that have been vetted by Apple for publishing on the official app store. The ability to download iOS apps to non-jailbroken iOS devices from a DarkSideLoader marketplace places consumers and corporate employers at risk. We have named this type of rogue app store “DarkSideLoader.” vShare has now found a way to enable their store for non-jailbroken iOS devices. This analysis focuses on vShare, a rogue app marketplace that has existed for several years serving apps for use on Android devices and on jailbroken iOS devices. The rogue app store even allows paid apps to be downloaded for free. In the course of further analysis, Proofpoint’s security research team discovered a rogue app store that allows iOS device users to download apps from a catalog claiming 1 million apps onto their iPhones or iPads without jailbreaking the devices. MDM assessments showed that these devices were not jailbroken. Recently, Proofpoint Targeted Attack Protection Mobile Defense discovered apps on iOS devices – that is, iPhones and iPads – that did not match apps in the Apple App Store.