12:33 20th Oct, 2015
Researchers found that the apps route the downloaded user data to private servers without the user even knowing about the same.
Source DNA a security analytics company, recently brought to light its discovery of about 256 apps that have been secretly gathering details about their users, which can actually be used to track them back. The details that were revealed by Ars Technica, tell that there were about 256 apps where the developers themselves were not aware, that their code was relaying personal data from users to secure servers over the internet.
Apple has finally responded to the find and is pretty pissed off that these apps got through right under their noses.
"We’ve identified a group of apps that are using a third-party advertising SDK, developed by Youmi, a mobile advertising provider, that uses private APIs to gather private information, such as user email addresses and device identifiers, and route data to its company server. This is a violation of our security and privacy guidelines.”
As for what Apple plans to do with such a blatant violations of its App Store policies, “The apps using Youmi's SDK will be removed from the App Store and any new apps submitted to the App Store using this SDK will be rejected. We are working closely with developers to help them get updated versions of their apps that are safe for customers and in compliance with our guidelines back in the App Store quickly."
The whole incident is similar to what happened just a month ago in the XcodeGhost hack scenario. It is a case where developers downloaded laced tools to develop apps, which seemed pretty much normal when they went through the vetting process of the Apple App Store.
What they did not know, was that the software used to build those apps also added an unknown API that allowed a mobile ad provider Youmi to siphon private details from users for its own purposes.
That data would include, private information such as email IDs, unique serial numbers, and even details that would let the receiver track user locations.
For now Source DNA reported that only users in China have been affected since most of the apps have been developed by Chinese developers for that specific market. But there are plenty of big names like WeChat with millions of users that also made it to this list.
- The Best Smartphones Under Rs.20,000
- Best Phones Under Rs 10,000 (November, 2018)
- Best Phones Under Rs 20,000 (September, 2018)
- Best Phones Under Rs 30,000 (September, 2018)
- Five Android Apps To Make Your Insta Pop
- 9 Hot Android Smartphones Expected To Hit The Shelves Soon
- 3 Fitness Bands For The Budget Users
- 5 Best Screens From Android Based Smartphones
- The 5 Browser Add-Ons That Everyone Must Have
- Top 5 Pocket Friendly Virtual Reality Headsets