Apple Removes More Than 250 Apps From App Store Because of Malicious Ad SDK

Apple has recently removed more than 250 iOS applications from the App Store. The reason for such a radical step is a third-party advertising SDK called Youmi, which is prohibited by the App Store guidelines. When used in iOS applications, it allows to collect sensitive information, for example, Apple ID email addresses and device serial numbers and in such a way to violate user privacy. The issue has been discovered by a research firm called SourceDNA and immediately reported to Apple. The company has also provided Apple with a full list of apps using malicious ad SDK.

The total number of users who have downloaded applications with malicious advertising SDK is close to 1 million, analysts report.

The analytics firm, using its new developer tool Searchlight, found 256 affected apps, with an estimated 1 million total downloads, using one of the versions of Youmi in violation of user privacy. Its report claims most of the developers who used the SDK are located in China, and that many were likely unaware of the threat since the tool kit is delivered in binary form and obfuscated.

Several weeks ago, a new malware affecting iOS apps called XcodeGhost was discovered. Looks like Apple has a lot of work to do to improve the App Store security.

[via MacRumors]