Malicious iOS Apps Stealing Users’ Private Info
- A list of apps installed on the victim’s phone
- Serial number of iPhones or iPads themselves when they run older versions of iOS
- A list of hardware components on iPhones or iPads running newer versions of iOS along with the components’ serial numbers
- E-mail addresses associated with the users’ Apple IDs
How iOS Malware Works?
What’s even More Bothersome?
The app developers who programmed those iOS applications aren’t even aware of the fact that their apps are mining users’ data.
Also Read: Popular Apple Store Apps Infected with Data-Theft Malware
“We believe the developers of these apps aren’t aware of this since the SDK is delivered in binary form, obfuscated, and user info is uploaded to Youmi’s server, not the app’s,” reads SourceDNA’s blog post. “We recommend developers stop using this SDK until this code is removed.”
Apple App Store Review Process Needs to be Stronger
It’s still unclear how Youmi’s SDK did not raise red flags at Apple.
Also Read: Apple Kicks Out some Malicious Ad-Blocker Apps from its Online Store