Security Experts:

Connect with us

Hi, what are you looking for?


Application Security

Apple Points to Android Malware Infections in Argument Against Sideloading on iOS

Apple Threat Analysis Report Highlights Risks Posed by Sideloading on iOS

Apple on Wednesday published a 30-page threat analysis report in an effort to show why allowing sideloading on iOS would pose serious privacy and security risks to iPhone users.

Apple Threat Analysis Report Highlights Risks Posed by Sideloading on iOS

Apple on Wednesday published a 30-page threat analysis report in an effort to show why allowing sideloading on iOS would pose serious privacy and security risks to iPhone users.

Sideloading is the process of downloading and installing mobile apps on Apple devices from sources other than the official App Store, such as through direct downloads or third-party app stores.

There has been pressure on Apple to support sideloading, but the tech giant believes that sideloading would “cripple the privacy and security protections that have made iPhone so secure, and expose users to serious security risks.”

Apple is apparently trying to show how bad the situation is in the Android ecosystem, and suggests that iOS could end up just as bad if it starts allowing users to install applications from third-party stores and websites.

The company has collected data from nearly 150 reports and news articles published by major cybersecurity firms and news outlets since 2014 in an effort to show that Android devices are far less secure than iPhones. For instance, the report highlights two threat intelligence reports from Nokia showing that Android phones had between 15 and 47 times more malware infections than iPhones.

Apple’s report also highlights a recent EU report claiming that its cybersecurity agency, ENISA, detected 230,000 new malware infections every day between January 2019 and April 2020. It’s worth noting that Apple’s report says “230,000 new mobile malware infections,” but the EU and ENISA reports seem to refer to infections across all platforms, not just mobile platforms.

The tech giant also points to a Kaspersky report showing that the cybersecurity firm’s products detected more than 5.6 million malicious installation packages targeting Android devices last year.

Apple argument against sideloading on iOS

The company said that if it were forced to support sideloading, it would be easier for cybercriminals to target its customers, even if sideloading were limited to third-party app stores. It also pointed out that other app stores don’t check applications and don’t require developers to provide accurate privacy-related information, as the App Store does.

“Some sideloading initiatives would also mandate removing protections against third-party access to proprietary hardware elements and non-public operating system functions. This would undermine core components of platform security that protect the operating system and iPhone data and services from malware, intrusion, and even operational flaws that could affect the reliability of the device and stop it from working,” Apple wrote in its report.

The company is concerned that universal support for sideloading would also cause problems for users who don’t want to install applications from third-party sources — they could be forced to install work- or school-related apps, or cybercriminals could more easily deliver their malware by creating fake App Store websites that lure users with tempting offers.

Apple published another, shorter report on the risks posed by sideloading in June.

While iOS may not be as targeted by malware as Android, iOS has still had some malware problems, including ones that impacted a large number of users. For example, the XcodeGhost malware discovered in 2015 impacted thousands of iOS applications and 128 million iOS users.

More recently, threat actors were observed delivering spyware to iPhones as part of a highly targeted espionage campaign that involved iOS zero-day vulnerabilities.

Related: Apple Security Flaw: How do ‘Zero-Click’ Attacks Work?

Related: Apple Patches macOS Security Bypass Vulnerability Exploited by ‘Shlayer’ Malware

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...