Sophie Blake
Tech giant Apple has spoken with Snyk researchers and announced it has found no evidence about the allegations of Mobvista-owned Chinese ad network Mintegral’s ad fraud across 1200 apps.
London based software company Snyk’s research team on Monday shared an article on its blog alleging that Chinese ad network Mintegral commited a major ad fraud across 1200 apps.
“We identified an SDK malicious component that is getting integrated into different iOS applications and getting into the App Store. That SDK is distributed as a regular ad network, something that developers can use to monetize their apps through ads.” said Snyk chief security officer and co-founder Danny Grander.
As reported by Forbes, the number of installs that allegedly affected apps have generated is 300 million for each month since July 2019.
One of these apps that allegedly used Mintegral’s SourMint SDK is the popular hyper casual game Helix Jump which surpassed more than 500 million app installs. Other affected apps include Talking Tom, PicsArt, Gardenscapes and Subway Surfers which have seen more than 3 billion downloads.
Following the allegations, the Chinese ad network shared its statement and said ”these allegations are not true. We are taking this matter very seriously and are conducting a thorough analysis of these allegations and where they are coming from. We have and will continue to uphold the highest standards of data privacy for users and our customers.”
Our statement regarding recent SDK allegations.
— Mintegral (@MintegralInc) August 25, 2020
Read more: https://t.co/Rva0yDg5TR pic.twitter.com/9VijVUMRFL
Speaking with Security Week, Apple has announced that it got in touch with the researchers at Synk to receive more information about the issue and said it has found no evidence that apps with the Mintegral SDK are harming users.
The company also said ”app developers are responsible for the behavior of their products, including the behavior of third-party code, and they should exercise caution when using third-party code to insure it does not accidentally undermine security and privacy.’’
