Large Ad Network Collects Private Activity Data, Reroutes Clicks

A Chinese mobile advertising firm has modified code in the software development kit included in more than 1,200 apps, maliciously collecting user activity and performing ad fraud, says Snyk, a software security firm.

More than 1,200 applications — exceeding 300 million collective monthly downloads — have incorporated a software development kit (SDK) from Chinese advertising service Mintegral that has malicious code to spy on user activity and steal potential revenue from competitors, software security firm Snyk stated in an analysis published on Aug. 24.


The malicious capabilities were integrated into the SDK distributed by advertising firm Mintegral sometime in July 2019. Normally a way for developers to monetize their applications, such an SDK can include functionality the developers do not know about. In the case of Mintegral, for more than a year, the surreptitious capabilities have done two things: they have reassigned advertising clicks, so that the company collects advertising fees intended for other ad networks, and they have passed along the full URL of the page associated with the application, potentially exposing security tokens and other sensitive information.


The malicious activity required in-depth analysis and help from advertising industry experts to decode, and developers likely would never have spotted the behavior, says Danny Grander, co-founder and chief security officer at Snyk. 


"This is not visible to the developer, because they are not stealing every click," he says. "It is probabilistic, and developers do not spend their time analyzing every line of code and any binaries that are incorporated into their apps."


The company briefed Apple on the results of the investigation last Friday. Mintegral had not responded to a request for comment by the time of publication. Apple provided only general information about privacy practices as background but no specific statement on th ..
