09-03-2020 , 09:56 PM
https://hotforsecurity.bitdefender.com/b...7ctw%7CH4S
Industry News
Malicious SDK Spies on iPhone Users and Steals Ad Revenue, Researchers Claim Security researchers have uncovered malicious behavior in a software development kit (SDK) used by over 1,200 apps in Apple’s App Store, with a combined monthly user base of approximately 300 million. Researchers claim the SDK steals ad revenue and exfiltrates user data to servers controlled by its developers.
Dubbed ”SourMint” by Snyk researchers, the SDK is provided by Chinese mobile ad platform provider Mintegral. It allegedly contains malicious code that can spy on user activity by logging URL-based requests made through apps that have it baked in for ad monetization.
“This activity is logged to a third-party server and could potentially include personally identifiable information (PII) and other sensitive information,” Snyk researchers explain in a blog post. “Furthermore, the SDK fraudulently reports user clicks on ads, stealing potential revenue from competing ad networks and, in some cases, the developer/publisher of the application.”
Mintegral allegedly uses two methods to steal revenue from competing ad networks. By claiming attribution for clicks that did not occur on a Mintegral presented ad, the SDK can steal advertiser revenue that should have gone to the other ad networks.
“This seems to be the main goal of this malicious functionality,” the researchers argue.
1 week ago
3 Min Read
Industry News
Malicious SDK Spies on iPhone Users and Steals Ad Revenue, Researchers Claim Security researchers have uncovered malicious behavior in a software development kit (SDK) used by over 1,200 apps in Apple’s App Store, with a combined monthly user base of approximately 300 million. Researchers claim the SDK steals ad revenue and exfiltrates user data to servers controlled by its developers.
Dubbed ”SourMint” by Snyk researchers, the SDK is provided by Chinese mobile ad platform provider Mintegral. It allegedly contains malicious code that can spy on user activity by logging URL-based requests made through apps that have it baked in for ad monetization.
“This activity is logged to a third-party server and could potentially include personally identifiable information (PII) and other sensitive information,” Snyk researchers explain in a blog post. “Furthermore, the SDK fraudulently reports user clicks on ads, stealing potential revenue from competing ad networks and, in some cases, the developer/publisher of the application.”
Mintegral allegedly uses two methods to steal revenue from competing ad networks. By claiming attribution for clicks that did not occur on a Mintegral presented ad, the SDK can steal advertiser revenue that should have gone to the other ad networks.
“This seems to be the main goal of this malicious functionality,” the researchers argue.
1 week ago
3 Min Read