Apple recently temporarily banned Google and Facebook from their Enterprise developer program and terminated its developer certificate. The ban was reinstated, but we saw the harsher side of Apple complying with their Enterprise Developer Program policies. But now, the hackers or the developers with malicious intent found a way to steal the Developer Enterprise certificate and create modified versions of the favorite apps like Spotify, Shazam, Snapchat and many others. The modified versions provide numerous features to the users that are not present in the original apps and can be directly installed in the smartphone without the need of the App Store.
The Developer certificate from Apple allows the companies to distribute the internal apps with their employees, or test the beta apps without publishing them on the app store. The app developers like TuTuApp, Panda Helper, Appvalley and others are modifying the apps and distributing them using the stolen license certificate. The modified apps provide features like ad-free music streaming, payment gateway bypass, unlimited gems in the games, etc. By distributing such apps without the valid developer certificate, the app makers are violating the terms of service of Apple App Store.
According to the Apple representative, the developers violating Apple Enterprise developer certificate terms will get their app banned from the system and will get their license terminated. After receiving several complaints about such apps, some of them were banned by the system. But, the App developers swapped the digital certificate in the apps and are still operating with fresh certificates. Apple recently introduced the two-factor authentication method to log in to the developer accounts to prevent the misuse of the certificates. But, the developers are still using multiple accounts and stolen certificates to get access to the ios ecosystem. When asked for their opinion, TuTuApp and Panda helper did not respond to present their view on this matter.