The App Store has seen its fair share of drama since its creation, and while Apple never publicly acknowledged any of it, there have been ample amounts of evidence showing that iTunes accounts have previously been hacked to steal money from store credit, or to buy applications without the account’s owner’s consent. Last year, some hackers went as far as selling iTunes accounts login information on ToaBoa.com, a Chinese site similar to eBay.
Today we received tips from two independent sources claiming they had received a suspicious email from Apple, urging them to download an application from the App Store. The email happens to be a fake, but the application is real…
The email looks like it is coming directly from Apple. Of the two emails we saw, both had different senders (Rebecca Schumacher and Angelo Seals) but they both conveniently showed no_reply@apple.com.
The email looks like it is coming directly from Apple. Of the two emails we saw, both had different senders (Rebecca Schumacher and Angelo Seals) but they both conveniently showed no_reply@apple.com.
The application in question is The Tribez HD, a free app with about 22,000 reviews, mostly positive. So is the developer of this application to blame for the email spam?
Strangely, the link to the app download sent in the email doesn’t directly take you to the app in the App Store. Instead, it goes to http://hastrk2.com/pub_c?adgroup_id=3513, then redirects to a subdomain of mobileapptracking.com, which finally redirects you to the app in the App Store.
After doing a quick research, I found out that the hastrk2.com domain belongs to a company called Adapp Solutions, which happens to run another business called mobileapptracking.com.
Adapp Solutions describes its offering as:
Even as the online advertising industry continues to grow, too many participants are forced to use software that doesn’t match up to the quality of their business. Adapp – made up of a core team of highly successful former affiliate marketers – was founded on the simple idea that giving ad network managers and affiliates themselves complete control over every aspect of their application was the best approach.
If you are interested in our product you can find it at http://www.hasoffers.com/
So I visited HasOffers.com, the site that Adapp Solutions presents as its store front. From what I understand, HasOffers is an affiliate tracking software that allows businesses to track and manage their own affiliate programs. A quick look on their other website mobileapptracking.com tells me that “Mobile App Tracking provides a simple, yet effective means of tracking mobile app installs back to marketing and advertising sources”.
At this point, I stopped digging more and tried to figure out who’s to blame in this spamming campaign. Is it the app developer of The Tribez HD, or is it Adapp Solutions which already has a shady past?
I see 2 possible scenarios:
1. The developer of The Tribez HD are the spammers and they are simply using Adapp Solutions as a tracking tool, or
2. Adapp Solutions has been commissioned by the developers of The Tribez HD to get more people to download the application.
In both cases, the main question that comes to mind is how did they get these email addresses from App Store users? Are these email addresses part of the accounts that were hacked into and sold on ToaBoa.com?
I have contacted both the developer and Adapp Solutions people to find out more and I will make sure to update this post with updated information as it becomes available. I also alerted Apple about the suspicious emails.
In the meantime, I doubt there is any risk in downloading The Tribez HD app, but you might still act with caution if you receive such an email.
Update from Adapp Solutions:
Ya. The application developer Game Insight uses our technology. We’re a third party software provider that provides advertising analytics so not sure why we’re the focus on your article.
You should be reaching out to Game Insight directly.
No comments:
Post a Comment