Apple's new cryptocurrency rules

Apple has updated its review guidelines to specifically prohibit iOS and Mac apps uploaded on the company's official App Store from utilizing users' devices for cryptocurrency mining operations.

The ban applies for apps designed explicitly with mining operations in mind. Other cryptocurrency-related functions, like managing or trading cryptocoin funds, are still permitted.

Two sections have been updated in the new App Store Review Guidelines —section 2.4.2 (Hardware Compatibility) and 3.1.5 (b) (ii) (Cryptocurrencies).

2.4.2: Design your app to use power efficiently. Apps should not rapidly drain battery, generate excessive heat, or put unnecessary strain on device resources. Apps, including any third party advertisements displayed within them, may not run unrelated background processes, such as cryptocurrency mining," the new guideline reads.

3.1.5 (b) (ii)  Apps may not mine for cryptocurrencies unless the processing is performed off device (e.g. cloud-based mining).

New review rules put in place after Calendar 2 incident

Apple updated its App Store review guidelines last week, during the WWDC 2018 conference. The company took this step after hidden cryptocurrency mining has become the most popular cybercrime trend among malware developers this past year.

Mac and iOS users haven't been targeted as much as web servers and Windows users, who've taken the brunt of most coinmining malware campaigns, but Apple has seen at least one incident in March when a cryptocurrency miner slipped on the Mac App Store inside the Calendar 2 app by Qbix.

Apple has now decided to take stern steps to prevent such scenarios from happening again, mainly because mining operations tend to drag down the OS, making the entire device slower, and diminishing the well-crafted macOS and iOS experiences.

Cryptocurrency mining may destroy iOS devices

Preventing cryptocurrency mining is crucial on iOS because this untethered mining operations can easily overheat or destroy batteries —or even devices if the battery case deforms, leaks, or catches fire.

Such scenarios have happened on Android, where malware strains like Loapi and HiddenMalware have been known to cause physical damage to infected smartphones.

Apps containing cryptocurrency mining code are still allowed on Google's Play Store and other app stores, but Google and Facebook have recently banned cryptocurrency-related ads because they have been abused to promote scams.

Related Articles:

Make-A-Wish Website Compromised for Cryptojacking Operation

Apple Fixes Passcode Bypass, RCE Vulnerabilities, and More in Today's Updates.

Scam iOS Fitness Apps Steal Money Through Apple Touch ID

How a Security Test for DropBox Revealed 3 Apple Zero Day Vulnerabilities

Holding Down Any iOS Keyboard Button Turns It Into a Mouse