Old problem, new name: iOS third-party app stores now dubbed “DarkSideLoader”
There are few people who are in the know of how sideloading basically works. Those who are trying to find an app outside of the traditional (and official) stores will find third-party marketplaces and entities like APKMirror useful. iOS users who wanted to sideload apps have traditionally gone to jailbreaking to get to app markets.
One such marketplace, vShare, recently got hold of an Enterprise App distribution certificate, signed by Apple. These certificates allow companies to operate their own app stores, typically for employees to use. vShare is marketing itself now as available to iOS devices that are not jailbroken. Thing is, many other third-party marketplaces can boast the same.
UK-based security firm Proofpoint got hold of this news and decided to publish a press release telling everyone to watch out, in so doing renaming marketplaces of that ilk as “DarkSideLoaders.”
The practice of abusing enterprise certificates to propagate app markets isn’t new, but that kind of lingo certainly catches some attention.
Sideloading apps is a calculated risk. Many marketplaces don’t vet apps and their distributors for malicious code or track record. That said, the threats that are out there — are out there. There are no new security threats to iOS as of now. And in the meantime, it seems that Apple has little it can do to stop third-party app stores from seeping into un-jailbroken phones and tablets.
How you make of that is up to you.