Malicious iOS SDK breaches user privacy for millions

2020-08-24 12:47

According to Snyk, SourMint actively performed ad fraud on hundreds of iOS apps and brought with it major privacy concerns to hundreds of millions of consumers.

On the surface, the MintegralAdSDK posed as a legitimate advertising SDK for iOS app developers, but its malicious code appeared to commit ad attribution fraud by secretly accessing link clicking activity within thousands of iOS apps that use the SDK. SourMint also spied on user link click activity, improperly tracking requests performed by the app and reporting it back to Mintegral's servers.

Unbeknownst to developers integrating it into their applications, the iOS versions of the SDK were malicious.

Researchers found that SourMint has two major malicious functionalities in the SDK:. Compromising app user privacy SourMint monitored and tracked when users clicked on links, spying on individual link activity by hooking onto the communication functions the iOS app user deployed.

"As the first malicious SDK of this kind to infiltrate the iOS ecosystem, SourMint was very sophisticated. It avoided detection for so long by utilizing various obfuscations and anti-debugging tricks," said Danny Grander, CSO, Snyk.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/S_MuFg4-1mw/

#breaches #IOS #privacy #SDK