Snyk security researchers found malicious code in the software development kit (SDK) of the Chinese advertising platform Mintegral. When integrated into a mobile app, this SDK transmits a copy of all HTTP requests sent by that application, as shown in a demonstration video.
According to Snyk, this collection is not justified for advertising management purposes and infringes on the protection of personal data, because these requests may contain personal information or authentication tokens. “Mintegral could monetize this data by selling it to third parties for analysis”, Snyk researchers speculate. In a YouTube video, they demonstrate this data breach concretely.
This collection is all the more suspicious as the SDK also carries out frankly illegal operations: it intercepts advertising clicks within applications to attribute them to the Mintegral platform. In other words, this software steals advertising revenue from competing platforms.
This malicious SDK is integrated into over 1,200 iOS apps listed on the App Store. Together, they add up to over 300 million downloads per month. Unfortunately, the researchers did not name the affected applications. It is therefore difficult for end users to know whether they are affected by this collection.
Source: Snyk