iOS's unique closed ecosystem requires apps to undergo multiple layers of review and testing before release, elevating security and stability to new heights. Consequently, many cheating methods on iOS are designed to circumvent App Store scrutiny.
Like the common iOS jailbreak, after a device undergoes a series of jailbreaking procedures, users gain root access to the operating system. Through software like Cydia Manager, they can install third-party extensions beyond the App Store, facilitating game Cheats and Hack.
Additionally, there's Trollstore—a jailbreak-free cheating method developed based on the CoreTrust vulnerability that bypasses iOS signature verification. It allows users to bypass the App Store without jailbreaking, installing external software via IPA packages to enable actions like installing cracked games and Cheats.
As well as exploiting Apple developer signatures to circumvent the App Store and install external applications through cheating methods.
To meet developers' long-term signing needs, Apple introduced enterprise signing and individual developer signing. Developers can use the same signing certificate to sign their apps, avoiding frequent re-signing. This technology has also been exploited by Game Black/Gray Industry operators, whose workflow is as follows:
First, Game Black/Gray Industry applies for developer accounts. By adding the UDID (Unique Device Identifier) of a cheating device to the developer dashboard, they mark that device as a developer device. They then distribute hacked games, Cheats, and other applications as IPA files to the platform. Finally, the cheating device uses the itms-services method to obtain these hacked games and Cheats.
Throughout the cheating process, the devices remained untouched by jailbreaking. Moreover, these Cheats applications and Hack games employ covert methods like forged signatures to evade detection, significantly escalating the difficulty of game security countermeasures and causing severe disruptions to numerous games.
JikGuard has developed a mature and comprehensive protection solution for various security challenges in iOS games. It has been integrated into multiple popular games and has demonstrated outstanding protection capabilities.
▶ Anti-Debugging Protection
Dual-layered defense: First employs detection methods such as ptrace, syscall, sysctl, and exception handling, then encrypts the protective code for enhanced effectiveness.
▶ Anti-Jailbreak Protection
Comprehensive multi-dimensional detection, such as checking the installation of certain apps, file presence, directory access permissions, etc., to determine whether a device has been jailbroken.
▶ Anti-Resignation Protection
Precisely verifies the package's internal signature by comparing the signature stored during hardening with the signature obtained at runtime.
▶ Anti-Modification Protection
During the code countermeasure defense phase, JikGuard provides local detection code and safeguards its integrity.
Additionally, JikGuard has developed an online signature update detection feature. Upon acquiring samples, it can immediately distribute signatures to protect app security in the shortest possible time.
