Backdoored ad library exposes 'thousands' of iOS apps to malicious activity
mobiSage ad library used by over 2,000 apps provides backdoor access to data and devices, FireEye says
A "high-risk" code has affected thousands of iOS apps through "backdoor" versions of an ad library, according to a report put out by FireEye today.
According to the security vendor, an error in the ad library, thought to be adSage's mobiSage SDK, has allowed backdoor access to a total of 2,846 apps original published on the Apple App Store. These apps used the mobiSage ad library to display ads, potentially allowing for malicious access to sensitive user data and device functionality.
adSage is based in China and its mobiSage SDK is used mainly by Chinese app developers to display ads.
Seventeen distinct versions of the backdoored ad library were discovered (version codes 5.3.3 to 6.4.4). However, in the latest mobiSage SDK publicly released by adSage - version 7.0.5 - the backdoors are not present, FireEye said.
FireEye added that the ad library could also expose users to additional risks such as the background monitoring of SMS or phone calls, stealing email messages and demolishing arbitrary app installations.