If you’ve ever been to a shady gambling den, then you’d know that typical hallmarks of such an establishment include a gatekeeper that would let you in with the right password or bribe. Within the iOS ecosystem, that form of subterfuge takes on the form of a “children’s game” that masks an online gambling den.
The discovery of the facade was made by Kosta Eleftheriou (@keleftheriou), an entrepreneur who has reportedly made it his life’s mission to expose scam apps on iOS. On the surface, the illicit gambling app, Jungle Runner 2k21, takes on the form of a simple side-scrolling platform game, catered towards children. As we mentioned, the only way you’ll gain access is if you have the right password.
In this case, you’ll actually need to be in the right country to gain access to the den or at least, pretend to be in the “right” country via the VPN, which is exactly what Eleftheriou did. After setting his VPN to Turkey and relaunching the app, the children’s game disappeared and what appeared in front of him was an entirely different app, with a roulette wheel greeting users.
This @AppStore app pretends to be a silly platformer game for children 4+, but if I set my VPN to Turkey and relaunch it becomes an online casino that doesn’t even use Apple’s IAP.
— Kosta Eleftheriou (@keleftheriou) April 15, 2021
At the time of writing, the app has since been removed, but it should come as no surprise that Eleftheriou’s discovery was just one of several online gambling dens that are hidden in plain sight. On the software developer’s level, however, the man points out how Apple’s App Store review program could easily overlook these cover-ups; on the surface, the coding looks a lot like your average shovelware. However, the biggest tell of the app’s eligibility is its use of Pastebin for its privacy policies.
