Advertisement

A fake Amazon Alexa app somehow got into the iOS App Store

If you got a new Amazon Echo device for Christmas and set it up via your iPhone or iPad, you might have a serious problem on your hands.

In the days after Christmas, a fake app for iOS presenting itself as an official Amazon Alexa app climbed the charts on Apple’s App Store. The app, called “Setup for Amazon Alexa,” fooled enough people that it reached No. 60 on the Top Free apps section of the entire App Store. It also made it to the top ten list for Utilities, peaking at No. 6.

A screenshot of “Setup for Amazon Alexa” in the App Store.
A screenshot of “Setup for Amazon Alexa” in the App Store.

Image: APPLE

Reviews of “Setup for Amazon Alexa” in the App Store complained that the app didn’t work. Many users made it clear in their review that they believed it was an official Amazon iOS app.

The app was finally removed from the App Store late Thursday night.

Reviews of the fake Amazon Alexa setup app as seen on the App Store.
Reviews of the fake Amazon Alexa setup app as seen on the App Store.

Image: APPLE

Created by a company called One World Software, the app asks users to input their IP address and serial number of the Alexa device they’re trying to setup. Thankfully, it appears that the app’s purpose isn’t to steal a user’s personal info, although there are certainly other risks if a bad actor has that kind of information. According to those who tried the app, it seems the malicious developer’s scheme is to keep users engaged in the app for as long as possible to show them ads. 

Screenshots of the app provided by the developer on the App Store.
Screenshots of the app provided by the developer on the App Store.

Image: APPLE

The developer is also behind other fake apps such as “Marketplace – Buy\Sell,” which presents itself as an official Facebook app.

Apple is well known for its stringent App Store approval process. The company has said it manually approves every app that goes live in the App Store. However, this is far from the first time a sneaky developer has found a way to trick Apple into approving malicious apps. Earlier this month, Apple removed apps from its App Store which tricked users into making in-app purchases via TouchID.

SEE ALSO: Amazon breaks holiday sales record again, aided by Alexa voice purchases

Millions of new Amazon Alexa device owners were potentially targeted by this scammy Alexa setup app. Amazon announced on Wednesday that it had sold millions of Alexa-powered devices, such as the Amazon Echo, this holiday season.

WATCH: This talking fish has Amazon Alexa inside

Https%3a%2f%2fblueprint api production.s3.amazonaws.com%2fuploads%2fvideo uploaders%2fdistribution thumb%2fimage%2f89956%2fbafaac0a 40fb 46c1 95fc c579fa142a0a
Https%3a%2f%2fblueprint api production.s3.amazonaws.com%2fuploads%2fvideo uploaders%2fdistribution thumb%2fimage%2f89956%2fbafaac0a 40fb 46c1 95fc c579fa142a0a