Apple has confirmed a purge of 256 apps, mostly from the Chinese App Store, that used a private API built by mobile advertising firm Youmi that collected personal data from the iPhone or iPad.
Originally spotted by SourceDNA, Youmi baked tracking and collection tools into the advertising API without telling developers. Apple is working with the affected developers to get the apps back on the market, which total 1 million downloads.
Related: Apple music is more popular with old farts, new study suggests
Youmi was able to collect device serial numbers, apps installed, and Apple ID email addresses. This information can be sold on the black market for a price, especially the email addresses that spammers could use to pretend to be Apple.
The advertising API was incapable of much else however, which hopefully means even iPhones and iPads that aren’t updated won’t be hit with malicious attacks. Apple is working to make sure all users affected are safe and updated to the latest version of iOS.
It is one of the rare occasions the review team failed to spot a non-verified API. In China, development is much less centered around Xcode, meaning developers can sometimes download fake APIs without knowing.
Related: Thieves can steal cash by texting an ATM with latest malware
Apple has cautioned developers in the past about developing outside of Xcode. It claims that those apps are more vulnerable to malicious attacks, which stem from Apple being unable to verify the contents. Proof of this happened last month, when 25 apps including Tencent’s WeChat and Baidu Music were pulled for using a fake version of Xcode.
Another malicious app offered users the ability to use a defunct media player, which, once downloaded, ran full-page Safari ads and blocked users from removing it. At home in the U.S., Apple also removed a bunch of apps that offered a way to block native ads inside of apps, most notably the controversial app Been Choice.
- Apple throws selected apps out of the App Store, all in the name of privacy and security
- Apple Music debuts as the No. 14 smartphone app in July 2015
- Microsoft testing ‘NewsCast’ mobile app that reads you the news
- 30 must-have Pebble Time apps, watchfaces, and games for your wrist
- Apple puts a stop to app reviews left by anyone with a device running iOS 9 beta
from Planet GS via John Jason Fallows on Inoreader http://ift.tt/1OET5Yd
David Curry
More Stories
‘My 401k Misses You’: Black Woman Pumped To Meet Donald Trump In Philadelphia – July 18, 2023 at 04:56PM
Energy Provider Warns of Impending ‘Crisis,’ ‘Blackout Conditions’ Driven By Biden Plans – July 18, 2023 at 04:20PM
Dog starts barking at cows crossing a bridge, so the cows stop to have a look. – July 17, 2023 at 02:27PM