New services take the lead from hackalous, allow pirated iOS app installs

By javagreen
in Back Page News

 Share

Recommended Posts

Mentor

javagreen

Posted
Posted

Late last year, the closure of the uber-popular Installous marked the end of a promiscuous era in iOS app piracy. Now, several new services are on the rise that are filling the gap and offering easy installation of pirated apps, even on devices that have not been jailbroken.

The two that have risen to the forefront are Zeusmos and Kuaiyong. While the former has been around for a few months, it has gained significant steam since the exit of Installous. The latter has appeared seemingly from nowhere over the past couple of weeks.

Both of these services are dangerous for app developers because they offer simple, one-tap installs of pirated apps and do not require that devices have been jailbroken in order to do so. This is an enormous problem, as it opens up the arena for their use from the relatively small fraction of users with jailbroken devices ? as was the case with Installous ? to any unscrupulous users of iPhones and iPads.

If you?re looking to steal apps from developers ? lets not kid ourselves about what?s happening here ? it is now easier than ever to do so.

Source : TheNextWeb

Mentor

Guth

Posted
Posted

Just watched a video of some guy using it on a non-jailbroken device on iOS 6... Starting to make me think iOS really isn't anywhere near as secure as I thought it was :/

me too! I never realised this could be done on non-jailbroken devices! Although I don't agree with what they are doing, you gotta hand it to them that the guys who work these out are really clever and good at what they do.

shame they can't put their talents to better use

Grand Master

Glassed Silver

Posted
Posted

This has less to do with security than with app certification.

These guys abuse the profile certification process, which enables developers to hand out profiles to install beta version of apps that haven't been released to the App Store due to the nature of wanting to only release tested versions to a store and the faster process of delivery.

It's also a method for devs themselves to try their apps.

The fee is due to the need to issue these certificates of which there isn't infinite number I guess (never really looked into that too much).

So they are basically cracking the apps and issuing them like beta versions of their own software to iOS.

It's not really stoppable without cutting deeply into developer's interests to deliver beta versions in a straightforward way.

Some Cydia tweaks can be installed in such a way from alternative stores to unjailbroken devices, although not everything is possible due to the lack of superuser access (so some tweaks won't be able to access APIs and system functions that are locked away from the user mobile as opposed to root), which isn't needed for cracked App Store apps to work btw.

(that would be insane)

Now, jailbroken devices obviously don't need the certificates due to the nature of enabling bypassing the anti-piracy mechanisms directly.

Glassed Silver:win

  • SMELTN and migo
  • Like 2
Grand Master

SMELTN

Posted
Posted

This has been going on for quite a while now, but now I see it as becoming a serious problem because its being pushed in the spot light. Which means a ton of other people are going to create the same thing and continue until Apple locks things down even more

Grand Master

Glassed Silver

Posted
Posted

Thanks for the explanation. I was wondering how that worked.

Hypothetically, devs could choose to release their software directly then, and presumably would pay Apple less for the beta certs than the 30% cut?

As I said, it's limited and if I'm not mistaken to create such certificates you need some money.

So no, also devs know that people don't look beyond the App Store for apps.

So if the 30% annoys you, you should be annoyed a lot more by the way lower amount of sales, server costs, more marketing costs, taking a big hit in customer trust (does he/she not release to the App Store for a particular reason?!)

If you're keen on the money, go for the App Store. :)

Glassed Silver:ios

This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • Microsoft Edge gets tons of security features, including AI model that can see your screen

      By Snake Doc · Posted

      Ummmm that is what is it supposed to do. Just turn if off in settings if you do not want it analyzing your open tabs. Chrome does the same thing with Gemini. Sarfari will do the samething after Apple's AI and even more so with the release of their 27 versions that is now powered by Googles LLM/ML models. Understanding why it is doing it and how it can help you vs jumping to some conspiracy theroy is a much better approach. As long as it can be turned off, all is good. Yes the default should be off but the a lot of people would never discover these features.
    • Microsoft Edge gets tons of security features, including AI model that can see your screen

      By WaltC · Posted

      Just another reason (aside from many others) not to use Edge. Firefox 153.0b5 DEx64 has a similar feature added recently in prior builds that I will turn off at some point when I get around to it. It's the new "Something looks suspicious" page that pops up here and there. It cleverly hides itself between web pages that I've actually visited; as a result, you know, of selecting a web page and telling the browser where to go. The interesting thing is that it does not produce these warnings from pages that I, as the only intelligent user of the browser in my system, have ever directed the browser to open! What seems to be happening is that the browser looks at all the goofy ad links on a web page I do actually open and selects one that "looks suspicious" and then creates the "something looks suspicious" web page, which is neatly inserted, as mentioned, between web pages my RB ("real brain") has directed the browser to load in a session. The thing is, I usually look at links I am considering to follow before I ask the browser to load them, and in cases I have noticed where the link does indeed look suspicious, most of the time I will choose to not follow the link at all. Doesn't everyone do this or something similar? I am picky about what I voluntarily load... (I don't like links that start off fine, with a site designaiton that seems normal enough but then is followed by indecipherable alphanumeric strings many, many lines long, etc. I tend to reject those because they look suspicious. They may not be, but I don't care... I'll stay with Firefox, of course, if for no other reason than they usually let you turn off the junk you don't like. And because it isn't Edge... But at some point Microsoft will come to realize that putting your bookmarks on the left side is a Good Thing for a lot of people, just as Microsoft discovered when it had the bright idea of nailing the Windows taskbar to the bottom of the screen, when for decades Microsoft browsers had left that placement up to the user. They have finally reversed the obscenity of that decision. Finally.
    • Google's new hand-wave reCAPTCHA can be bypassed with a stock photo

      By Ccl Ncc · Posted

      Google was using the old CATPCHAs data to train their LLMs. What is the say they won't use this camera data of users to train their LLM? these companies need some strict regulations!
    • How do you future-proof a home or small office network?

      By Mindovermaster · Posted

      Depends on what you need. Might be a bit clearer on what you plan to do with it. Sort of a waste if you get the newest and greatest, but don't know how to use it.
    • NTLite 2026.06.11200

      By Copernic · Posted

      NTLite 2026.06.11200 by Razvan Serea NTLite is a Windows configuration tool that allows you to modify your existing Windows install or an image yet to be deployed, remove Windows components, configure and integrate, speed up the Windows deployment process. Reduce Windows footprint on your RAM and storage drive memory. Remove components of your choice, guarded by compatibility safety mechanisms, which speed up finding that sweet spot. Windows Unattended feature support, providing many commonly used options on a single page for easy setup. Easily integrate a single or multiple drivers, update or language packages. Package integration features smart sorting, enabling you to seamlessly add packages for integration and the tool will apply them in the appropriate order, keeping hotfix compatibility in check. One of the important new features of NTLite (compared to its predecessors) is the ability to modify an already installed the operating system, by removing unnecessary components. Supports Windows 11, 10, 8.1 and 7, x86 and x64, live and image. Server editions of the same versions, excluding support for component removals and feature configuration. ARM64 image support in the alpha stage. Does not support Checked/Debug, Embedded, IoT editions, nor Vista or XP. NTLite 2026.06.11200 changelog: New Secure Boot Migration support: Verification, certificate staging, and boot-manager/sector update across the Image, Updates, Apply, and Create-ISO pages (2023 CA migration, optional 2011 revocation, Anti-rollback, Boot sector choice etc) Secure Boot Host Readiness: Live host Secure Boot migration monitor and Servicing-task control Option under Image page - C:\Windows row, or load the host as the target - Updates - Secure Boot Image: 'Sort mounted images first' option for the image list in Menu-Settings UI: Hover description card for Components and Unattended pages, selectable text and quick access to Compatibility options Command line: Relay commands into the already-running instance Enables controlling already running NTLite via ntlite.exe Use /NewInstance to launch an additional instance using CLI operations (premium) UI: 'New instance' option via main menu instead of a secondary ntlite.exe prompt Apply: Hide individual Apply-page notes with a per-note dismiss (X), critical excluded Settings: 'Unsigned RDP file launch warnings' tweak (RDP client), bypassing the April 2026 security-update prompt on RDP connections Upgrade Image: Live OS and deployed image editing now unlocked on free/test licenses, same licensing as images Image: 'Recompress' option in manual dialog Remove Editions to shrink the WIM in one session Image: SWM part size set inline on the Apply page and image dialogs, split-size popup retired Image: Relative 'Last change' dates; editions grouped by build time to reduce noise Image: 'Forget - Missing' on the Edit-cache menu to mass drop entries whose folder is gone Components: Root groups reorganized - user-facing groups first, system/critical last Components: Show filter options to view components by Template or App-type, since Apps are now merged into groups Presets: Delete confirmation now lists the multi-selected preset names UI: Design update propagated to the rest of the tool UI: Filter and search match words in any order and partially, better results filtering Components Unattended: Input-locale language derives from the user locale, with an independent keyboard picker, enables combinations previously unavailable Unattended: Input-locale now allows for a user value override Unattended: Localization OOBE WinPE now can be copied with the new WinPE Copy OOBE localization toggle, enter locale settings once for both stages Updates: Downloader greys and locks updates the image already carries (hotfix and MSIX) Updates: Resume interrupted update downloads Command line: Many upgrades, see /?, now prints help to the console or redirected output UI-Translation: Finnish language added, also thanks for Chinese Traditional (Matt), French (tistou77), Italian (clarensio), Russian (RDS), Swedish (1FF), Vietnamese (Vu Anh Vu) Fix Components: Containers removal breaking Apps deployment Components: Microsoft Account had leftovers when Easy Migrate is kept Image: Export to an existing WIM improvements, Append renamed to Merge Image: Improved 26H1 live removal support Image: No more 'X:\ not accessible' popup for certain drives during image scan Presets: Manual image refresh picks up presets added/removed outside the app Tweaks: Disabled visual-effect animations no longer return after first logon on a new profile Tweaks: Live Visual Effects toggles (animations, drag full windows, font smoothing) now apply correctly Download: NTLite 2026.06.11200 | 20.5 MB (Free, paid upgrade available) Link: NTLite Home Page | NTLite Features | Screenshot Get alerted to all of our Software updates on Twitter at @NeowinSoftware

  • Recent Achievements

    • One Year In
      BA the Curmudgeon earned a badge
      One Year In
    • Conversation Starter
      rosiecharles earned a badge
      Conversation Starter
    • First Post
      KMilenkoski1202 earned a badge
      First Post
    • First Post
      carols23 earned a badge
      First Post
    • One Month Later
      Tom Willson earned a badge
      One Month Later

  • Popular Contributors

    1. 1
      +primortal
      506
    2. 2
      +Edouard
      258
    3. 3
      PsYcHoKiLLa
      151
    4. 4
      Steven P.
      94
    5. 5
      macoman
      66
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!