Share this page!

Kosta Eleftheriou Profile picture
Twitter logo
15 Apr, 12 tweets, 5 min read
This @AppStore app pretends to be a silly platformer game for children 4+, but if I set my VPN to Turkey and relaunch it becomes an online casino that doesn’t even use Apple’s IAP.

🤯
The developer uses shady ads to attract unsuspecting users, pretending the app was featured on CNN Turk.
Once people follow the ad, they are taken to this App Store page. Notice the abundance of coins and the “Install and win” copy.

In order to pass App Review the app claims to be “a fun running game”, and in the US works like an extremely basic and very poorly designed kids game.
Since the app is free and the App Store is “a place you can trust” according to Apple, most people at this point will just go ahead and download it. What is there to lose?
But since the scammers are not using Apple’s IAP, and an online casino could just be a website, why are they even going through the App Store?

To take advantage of people’s misplaced trust due to Apple’s “Security! Privacy!” marketing.

In fact, this *is* just a web view!
As an icing on the cake, people in the reviews say that they deposited large sums for the promise of a bonus, but they never received the promised payouts.

Surprising no one, the scammers aren’t even operating a fair casino.
The scam has been on the App Store for a few months, and has even received a couple of updates. The same developer also has another app that does the same thing!

It’s impossible to know how much money these scammers have made from unsuspecting users, but such schemes make bank.
As part of their ongoing legal battle with Epic, Apple recently told the court: “Apple conducts a robust app review before apps are published.”

They’ve been telling lawmakers like @amyklobuchar the same thing again and again.

Only now, the truth is coming out. And it’s ugly.
So why does Apple allow this to happen, while engaging in security theater?

“The answer turns out to be as simple as it is depressing: Apple's App Store was never designed to work. At least not in the way the company purports that it does.”

world.hey.com/dhh/the-app-st…
The scam: apps.apple.com/us/app/id15467…
For more scams, follow me and send me your tips at bunco.squad@hey.com

See you next time! ✌️
Support the discussion on Hacker News: news.ycombinator.com/item?id=268242…

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Kosta Eleftheriou

Kosta Eleftheriou Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @keleftheriou

Kosta Eleftheriou Profile picture
14 Apr
WARNING: Another top-grossing VPN scam is on the @AppStore

Stay clear! 🚨

How to spot this $5M/year scam in 5 minutes flat: 👇
The app’s screenshots are pretty standard, while the description is riddled with typos - and almost feels like it’s *trying* to be a big unreadable wall of text:
The app has 4 stars with hundreds of ratings, and the featured review by “Corianna Patience” is totally singing its praises:
Read 25 tweets
Kosta Eleftheriou Profile picture
13 Apr
How it started / how it’s going.

Since I exposed this scam yesterday, its ratings have dropped dramatically. What happened?

(thread)
Apple removed some of the fake reviews, resulting in the drop. Great news, right? Not so fast.

There are 120 reviews for this app right now. Of those, 114 are 1-star reviews. The average review score?

1.1 stars ☠️

ONE POINT ONE.

As a reminder, the absolute floor is 1, not 0
*Nobody* is happy with this app. Most are accusing it of being a scam. Some of the ratings are probably fake too, “boosting” it to 2.4 stars.

Why does any of this matter?

The app is currently the #441 top grossing app across the entire App Store 🤯

To put this in perspective:
Read 6 tweets
Kosta Eleftheriou Profile picture
12 Apr
You think the @AppStore is “a place you can trust”?

🚨Think again!🚨

How to spot a $5M/year scam, in 5 minutes flat:👇
This app has 4.1 stars with over 1,000 ratings, and a really nice 5-star featured review:
Let’s slide over to the next reviews, which are not immediately visible:
Read 19 tweets
Kosta Eleftheriou Profile picture
12 Feb
What Apple doesn’t want you to know about the App Store👇

“The apps you love, from a place you can trust” they tell you. But the reality is far from it.

A 4.5-star app? Might as well be a multi-million dollar scam.

How, you ask?

1/🧵
The average star rating of an app can be *trivially* manipulated by any developer.

Really. Just take a look at this eye-opener of a Quora page:

quora.com/What-are-the-b…
But Kosta, I hear you say. Apple would just take down any app that did that!

Well, no. That might be true in some cases, but scams can go undetected for *years*:

Read 37 tweets
Kosta Eleftheriou Profile picture
11 Feb
So Apple finally publicly responded to my complaints.

Let's take apart this embarrassingly generic boilerplate statement the gave to The Verge: In a statement given to The Verge, Apple defended the safegu
"investigate and take action on each report"

The most I got out of their official channels when reporting a competitor using "FlickType Keyboard" as the *name* of their subscription IAP?

Competitor changed it to "Type: Flick my keyboard".

Apple considered this "resolved". 🤦
"The App Store is designed to be a safe and trusted place"

Notice how they say "is designed to be" - because they can't say "is".

With so many rampant scams plaguing the store for years unnoticed, how could they say "is"?
Read 11 tweets
Kosta Eleftheriou Profile picture
10 Feb
Since Apple seems to be cool with this scam remaining on their App Store, let's look at another app from the *same* developer.

This one has stolen "only" $1M so far...

How?

1/🧵
Enter "Truth or Dare⋆". No, the little asterisk at the end is not a typo, just a shitty ASO dark pattern.

apps.apple.com/US/app/id13976…
Searching for "Truth of Dare", we see their ad at the top. Because the scam is so profitable, they can afford to pay a lot for that. Image
Read 33 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @keleftheriou has new unrolls!

Check out other threads from @keleftheriou!

Read all threads by @keleftheriou