12:33 20th Oct, 2015
Researchers found that the apps route the downloaded user data to private servers without the user even knowing about the same.
Source DNA a security analytics company, recently brought to light its discovery of about 256 apps that have been secretly gathering details about their users, which can actually be used to track them back. The details that were revealed by Ars Technica, tell that there were about 256 apps where the developers themselves were not aware, that their code was relaying personal data from users to secure servers over the internet.
Apple has finally responded to the find and is pretty pissed off that these apps got through right under their noses.
"We’ve identified a group of apps that are using a third-party advertising SDK, developed by Youmi, a mobile advertising provider, that uses private APIs to gather private information, such as user email addresses and device identifiers, and route data to its company server. This is a violation of our security and privacy guidelines.”
As for what Apple plans to do with such a blatant violations of its App Store policies, “The apps using Youmi's SDK will be removed from the App Store and any new apps submitted to the App Store using this SDK will be rejected. We are working closely with developers to help them get updated versions of their apps that are safe for customers and in compliance with our guidelines back in the App Store quickly."
The whole incident is similar to what happened just a month ago in the XcodeGhost hack scenario. It is a case where developers downloaded laced tools to develop apps, which seemed pretty much normal when they went through the vetting process of the Apple App Store.
What they did not know, was that the software used to build those apps also added an unknown API that allowed a mobile ad provider Youmi to siphon private details from users for its own purposes.
That data would include, private information such as email IDs, unique serial numbers, and even details that would let the receiver track user locations.
For now Source DNA reported that only users in China have been affected since most of the apps have been developed by Chinese developers for that specific market. But there are plenty of big names like WeChat with millions of users that also made it to this list.
- DRIFE Begins Operations in Namma Bengaluru
- Sevenaire launches ‘NEPTUNE’ – 24W Portable Speaker with RGB LED Lights
- Inbase launches ‘Urban Q1 Pro’ TWS Earbuds with Smart Touch control in India
- Airtel announces Rs 6000 cashback on purchase of smartphones from leading brands
- 78% of Indians are saving to spend during the festive season and 72% will splurge on gadgets & electronics
- 5 Tips For Buying A TV This Festive Season
- Facebook launches its largest creator education program in India
- 5 educational tech toys for young and aspiring engineers
- Mid-range smartphones emerge as customer favourites this festive season, reveals Amazon survey
- COLORFUL Launches Onebot M24A1 AIO PC for Professionals