"Malicious Behavior Allegedly Found in Advertising SDK Used by 1,200 iOS Apps"

Researchers at Snyk, a developer security company, claim to have discovered malicious code in different iOS versions of an advertising Software Development Kit (SDK) developed by Mintegral, a China-based mobile advertising platform provider with offices in the United States, Europe, and Asia. More than 1,200 iOS apps use the Mintegral advertising SDK, dubbed "SourMint" by Synk. According to the researchers, SourMint can allow Mintegral to steal revenue from other ad networks used by apps in which the SDK is integrated. In addition, SourMint allegedly harvests URLs accessed via apps that use the SDK, and device information that could allow the vendor to gain access to private user information. This article continues to discuss the malicious behavior exhibited by the advertising SDK, as well as how Apple and Mintegral have responded to these findings. 

Security Week reports "Malicious Behavior Allegedly Found in Advertising SDK Used by 1,200 iOS Apps"