The security analytic platform SourceDNA has reported that the code got into the apps through an unauthorized third-party which advertised SDK, and in turn secretly stored data, and sent to their own servers. The security analytic firm used their new tool Searchlight, and with in-depth inspection, found SDK comes from a Chinese advertising company by the name Youmi.
This data collection method was added on slowing over the course of a two-year span period. There’s concern others may have mimic SDK and have not been deleted from the App store as of yet.
There is a speculation that most of these apps were developed in China, and targeted toward Chinese users. Most of the data collected secretly gathered from iPhone owners information such as: email addresses, unique serial numbers, and other personal identity information that normally use to track users.
Apple has removed these apps that were affiliated with the Chinese advertising company Youmi which used SDK in their apps, from the App store. As of yet, Apple or SourceDNA have not released or published a list of the apps affected.
Come comment on this article: Hundreds Of Apps Removed From Apple Store