Apple has removed an illegal pirate streaming app from its App Store that had slipped through the net and was available to download for several months before being spotted.
The app is called Kimi, and it managed to reach the #8 spot on Apple’s free entertainment apps list, and #46 overall, according to a report by The Verge. Kimi claimed to be a free vision-testing application, but that was really just a front for its true service of pirated video streams.
According to The Verge, the description for Kimi claimed it was an “interesting APP that tests your eyesight”, yet anyone who went to the reviews section would quickly learn the truth. “I downloaded this app to watch Frozen II and it’s basically like Netflix,” said one user. Within the app’s library, users could find movies such as The Underdogs, The Florida Project and Leave The World Behind, among many hundreds of others.
Shortly after The Verge published its story, the Kimi app was removed from the App Store, but it had been available since September, meaning that it was likely downloaded by thousands of users. According to Apple, the app violated its bait-and-switch policy, which prevents apps from masquerading as one thing despite delivering a completely unrelated service.
The removal of the app means Apple TV 4K users will now have to stick to legal streaming apps such as Netflix, Apple TV+ and Amazon Prime Video, at least until a new pirate streaming app makes it past Apple’s screeners. Unfortunately, that is surprisingly common though, as it was only last week that Apple removed another illegal app claiming to be the LastPass password manager. Although it looked much like the genuine LastPass app with the same branding and colors, it was in fact a phishing scheme intended to steal user’s passwords. Strangely, the app received a 5-star rating prior to its takedown, although several users wrote reviews warning that it was fake.
With two takedowns in two weeks, it’s inevitable that concerns will be raised over Apple’s App Store review process. Because the company publishes so many thousands of apps each week, it generally automates the process of verifying new applications. Its review process is primarily focused on verifying the privacy, security and content of newly submitted apps, and developers are required to adhere to strict guidelines to secure approval. The checks sometimes also include a manual review, but clearly Apple doesn’t have the manpower to do that for every app submission. In 2022, it rejected almost 1.7 million app submissions and banned 428,000 developer accounts for breaking its rules. It also removed 24,000 apps that year for violating its policies.
While the Kimi app wasn’t thought to have been dangerous for users, the fake LastPass app was a real concern as unwitting users could have provided it with extremely sensitive data such as account passwords and credit card details. The discovery prompted the real LastPass to issue a statement and post both the legitimate URL to its app, and the fake URL for the copycat app, allowing users to verify they are downloading the right version.
