Malicious SDK found spying & defrauding users through iOS apps

Malicious SDK found spying & defrauding users through iOS apps

According to researchers, the malicious SDK was found in iOS apps downloaded at least 300 million times in a month and in 70 of the top 100 and top 500 apps available on the App Store.


The IT security researchers at Snyk have identified a malicious functionality in the iOS MintegralAdSDK, also called SourMint. It is distributed by China-based firm Mintegral, and is reportedly performing ad frauds on ‘hundreds of iOS apps.’


Snyk researchers claim that apart from ad fraud, SourMint compromises the privacy of countless iOS users.


The security researchers revealed that what appears as a legit advertising SDK for iOS app developers, it actually contains malicious code that can perform ad attribution fraud.


See: US firm accused of secretly installing location tracking SDK in mobile apps


It can discreetly access link clicking activity within a majority of iOS apps using that SDK, which is distributed via Mintegral’s GitHub repository, Gradle/Maven for Android, and Cocoapods Package Manager for iOS. However, the Android version wasn’t found to be malicious, and only the iOS versions were malicious.


 


Additionally, SourMint can spy on the user’s link click activities to track app requests and report it back to Mintegral servers. Its activities stayed undetected for over a year as it first appeared in the 5.51 version of iOS SDK, released in July 2019, and continued through the latest version 6.3.7.0.



Snyk researchers identified the malicious SDK in a total of ..

Support the originator by clicking the read the rest link below.