Source: https://cobaltstrike.net/2022/03/21/apples-testflight-app-was-used-to-spread-malware/
Attackers have found a way to distribute malicious applications among iOS users that can compromise the privacy of victims.
Preview versions of apps and games are distributed for beta testing through Apple's TestFlight app, with users invited directly via links. Developers can use TestFlight to invite up to 10,000 users to participate in beta testing. According to experts from the information security firm Sophos, scammers are using the same Apple TestFlight platform to distribute their malware among iPhone and iPad users.
At the same time, cybercriminals steal money from users without their knowledge. The fake malicious apps are very good at disguising themselves as real ones, so people trust them when making transactions.
Applications and games distributed through TestFlight do not go through the Apple App Store verification process. The CryptoRom malware campaign took advantage of this loophole to distribute fake, malicious cryptocurrency applications to iOS and iPadOS users.
CryptoRom organizers also distribute malicious applications disguised as legitimate web applications or web clips that users can pin to their home screens on iPhone and iPad.