updated 08:41 pm EST, Wed February 19, 2014
Former jailbroken software bypasses App Store, poses security risk
A former "unofficial" app that required jailbreaking an iOS device to run its Game Boy emulator has attempted to "backdoor" its way onto non-jailbroken devices by hijacking a legitimate certificate, which has now been disabled by Apple. The app, GBA4iOS 2, offered emulation of Game Boy, Game Boy Color and Game Boy Advance games on iOS 7 devices, and included a built-in browser to allow users to pirate ROMs.
Improper certificate seen on installation
The certificate used by the developer traces back to a Beijing company, presenting potential security risks. The previous version worked around security restrictions by requiring users to both jailbreak their devices and set the internal clock back to a date in 2012, but the 2.0 release required neither, exploiting the hijacked enterprise distribution certificate instead and installed through a direct download link.
Despite this, many users reported that the app failed to install properly or work. It is possible that the software carries other payloads beyond its emulation ability, which would explain the rationale of using a repurposed certificate rather than keeping it as an unofficial app available through the usual jailbreaking app repositories.
Several emulator apps have snuck into the official App Store, usually by pretending to be other types of applications. Once discovered, Apple has routinely pulled such apps for violations of its rules. The company has since disabled the enterprise certificate the GBA4iOS developers hijacked, and may take further action depending on how it was obtained.
MacNN is currently testing the emulator and will update the story if any suspicious outgoing connections or other activity apart from the emulation itself is detected.