jminnihan

So here's the base problem. In any iOS or Android app, you have the capability to create what's known as a web view inside the mobile app. This web view could look like a standard mobile application, for example using mobile frameworks such as React-mobile, or Adobe's Cordova, App Guyver, etc. These web views use a url to access the display of the web site in a mobile look and feel matching that of the mobile app. Now here's the big kicker: anytime AFTER app approval by Apple, all the nefarious developer has to do, is change the purpose of that mobile application looking page at that url since its being hosted by their website.