<ul><li>Certain banking apps in the Apple App Store are using 0-day sandbox escape technique to detect unfavorable apps on users' devices.</li><li>Finance security firm Verichains conducted an analysis and identified at least two banking apps using this technique: BIDV SmartBanking and Agribank.</li><li>The apps are exploiting a private iOS API to check for the presence of certain apps, including popular package manager apps, jailbreak apps, and TrollStore.</li><li>Using private APIs without user consent violates Apple's guidelines and risks app removal from the App Store.</li></ul>

Technical analysis by Verichains confirms sandbox escape use by certain banking apps to detect TrollStore, jailbreak apps

Discover more