Popular iOS SDK Caught Spying on Billions of Users and Committing Ad Fraud:
A popular iOS software development kit (SDK) used by over 1,200 apps—with a total of more than a billion mobile users—is said to contain malicious code with the goal of perpetrating mobile ad-click fraud and capturing sensitive information.
According to a report published by cybersecurity firm Snyk, Mintegral — a mobile programmatic advertising platform owned by Chinese mobile ad tech company Mobvista — includes an SDK component that allows it to collect URLs, device identifiers, IP Address, operating system version, and other user sensitive data from compromised apps to a remote logging server.
The malicious iOS SDK has been named "SourMint" by Snyk researchers.
"The malicious code can spy on user activity by logging URL-based requests made through the app," Snyk's Alyssa Miller said in a Monday analysis. "This activity is logged to a third-party server and could potentially include personally identifiable information (PII) and other sensitive information."
"Furthermore, the SDK fraudulently reports user clicks on ads, stealing potential revenue from competing ad networks and, in some cases, the developer/publisher of the application," Miller added.
Although the names of the compromised apps using the SDK have not been disclosed, the code was uncovered in the iOS version of the Mintegral SDK (6.3.5.0), with the first version of the malicious SDK dating back to July 17, 2019 (5.5.1). The Android version of the SDK, however, doesn't appear to be affected.
(Score: 5, Interesting) by sea on Tuesday August 25 2020, @05:05PM (3 children)
China, Ukraine, Russia, countries in Africa, the middle east, India, South America, and some parts of the USA and a few other EU countries like Slovenia.
What do these all have in common? They are all developing countries or they have massive inequality.
The cause of this is that you'll sometimes get smart people in these places that haven't got themselves a job because of their location. Until they are able to move to a big city and get themselves employed in something useful, they do the only thing you'd expect: They exercise their skills on the wrong things.
You have this same problem in schools where the smart kids, if left unchallenged, will become destructive. Exactly the same problem and it has nothing to do with governments and everything to do with economic opportunity.
(Score: 1) by fustakrakich on Tuesday August 25 2020, @07:07PM
China, Ukraine, Russia are developing countries? Is that like, *A jew is a developing Christian*?
The only common link amongst all of them (including some parts of the USA, for instance, DC) is that they are under corrupt authoritarianism, so upward mobility is limited to the warlords, mobsters, and cartels (the "wrong" things)
La politica e i criminali sono la stessa cosa..
(Score: 2) by barbara hudson on Wednesday August 26 2020, @12:09AM (1 child)
SoylentNews is social media. Says so right in the slogan. Soylentnews is people, not tech.
(Score: 1) by khallow on Wednesday August 26 2020, @12:16AM