Researchers discovered two iOS fitness apps available in Apple’s App Store that attempt to scam users out of $99-$119. The two apps are called Calories Tracker app and Fitness Balance App. When the user opens the app, they will be asked to give their fingerprint in order to view the calorie tracker and diet recommendations. If the user places their finger on the scanner, the app will try and charge the victim’s saved payment source anywhere from $99-$119. iPhone X users are protected if “Double Click to Pay” is enabled, while older iPhone users would be charged automatically if there is a payment source on the device. Users attempted to reach out to the developer of the Fitness Balance app and they received what appeared to be an automated messaged describing that the issues will be fixed in the upcoming versions. Users also reported the apps to Apple and Apple has since removed the apps from the App Store.
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense Russia’s invasion of Ukraine increased