The domain codevn.net and its subdomain id.codevn.net have been flagged by various security researchers and automated threat intelligence platforms as suspicious. The URL structure suggests an attempt to mimic legitimate application stores (specifically the Google Play Store, known as "CH Play" in Vietnam) to social engineer users into installing unauthorized configuration profiles.
A .mobileconfig file is an XML plist used by Apple to distribute device settings. While useful for enterprise deployment, malicious actors abuse this format to: http id codevn net chplay mobileconfig
http://id.codevn.net/chplay.mobileconfig URL installs an iOS Configuration Profile that creates a "Web Clip" on a user's home screen to mimic the Google Play Store icon. This file simulates a "CH Play" experience by launching a mobile-optimized website, but it cannot download or install Android apps on iOS. While sourced from the Vietnamese "sideloading" community, installing third-party The domain codevn
: Navigate to Settings > Profile Downloaded (or General > VPN & Device Management ). : Open Safari and visit the link http://id
: Open Safari and visit the link http://id.codevn.net/chplay.mobileconfig .