Taking a Bite Out of the Forbidden Fruit: Characterizing Third-Party Iranian iOS App Stores

A new study titled "Taking a Bite Out of the Forbidden Fruit: Characterizing Third-Party Iranian iOS App Stores" provides the first comprehensive empirical analysis of Iran's underground iOS app ecosystem. Due to U.S. sanctions and strict internet censorship, Iranian users cannot access the official Apple App Store or developer services. In response, a thriving black market of third-party app stores has emerged, operating in violation of Apple's developer terms. Researchers Amirhossein Khanlari and Amir Rahmati collected and analyzed over 1,700 iOS application packages and metadata from three major Iranian third-party stores.

The study reveals a significant presence of Iranian-exclusive apps, widespread distribution of cracked (pirated) apps, and unauthorized monetization of paid content. It also documents embedded third-party tracking and piracy libraries, as well as security and privacy risks from altered binaries. Notably, financial, navigational, and social apps that exist only in this ecosystem reflect the unique digital constraints of Iranian users. The researchers quantify potential revenue losses for developers due to piracy and highlight how sanctions, censorship, and enforcement gaps have enabled this parallel app distribution ecosystem with complex socio-technical implications.