Apple Bans Hundreds of iOS Apps That Secretly Gathered Personal Information

On Monday, Apple removed hundreds of applications from its App Store due to the fact that they were unknowingly collecting personal information from anyone who utilized them.

topic_app_store_ios

According to SourceDNA, the company who originally discovered the problem, a majority of the 256 apps in question were made in China. These apps were available all over the world, and downloaded upwards of one million times.

Using a software development kit from a Chinese advertising company by the name of Youmi, the apps’ creators were allowed to place not-so-kosher advertising campaigns within the apps.

Youmi’s software gathered information such as email addresses and iPhone numbers from those who downloaded the apps, prior to sending the information back to their servers, and thus, bypassing Apple’s otherwise strict privacy policy guidelines set forth in the App Store terms of use. The way Youmi designed the software, apparently, enabled it to hide that information from Apple all the while.

SourceDNA first discovered the problem on Sunday October 18th, and the affected apps were removed from the App Store on Monday. The company did not specify which apps were affected.

ios7-app-store

“This is a violation of our security and privacy guidelines. The apps using Youmi’s SDK will be removed from the App Store and any new apps submitted to the App Store using this SDK will be rejected,” Apple said in a statement Monday morning.

Anyone who downloaded the apps in question will still be able to use them, although perhaps for obvious reasons, future updates will not be available.

It’s important to note that data collection does not appear to be the developers’ fault; but rather, Youmi’s, since they were disguising the fact that their software was sending the data to its servers. Apple said it’s working with developers to update the apps so that they’re safe to use and compliant with the App Store’s guidelines.

This is the third in a recent string of Apple security breeches involving the App Store. Just last week, the Cupertino giant banned a selection of applications that were deemed able to breech encrypted communications between iPhones they were installed on and the servers that the phones communicated with.

Likewise, in late September, the App Store experienced a major security attack, forcing the company to remove dozens of apps that had been infected by the XCodeGhost malware. The malicious apps in question were capable of coaxing customers into providing their iCloud passwords in addition to opening dangerous webpages in the background without their knowledge.

Comments

Most Popular