A security firm by the name of Snyk.io recently revealed serious vulnerabilities in a Chinese Adtech company. This company, called Mintegral, is no stranger to controversy. Just earlier this year it was accused of ad fraud by gauging user interest in an app through illicitly collected data and subsequently generating fake ad clicks from that user which would give the company a payout from the app developer who will have been participating in some kind of an ad referral or bounty program. In spite of the fact that the developer is not really getting anything for what they were paying, the company generated revenue from them regardless by manipulating the system.
With all of that having been said and out of the way, it is important to note that the current scandal is a lot worse than what came before. A big part of the reason why that is the case has to do with the fact that the code that the company uses has been found to be suspect in every single way, shape or form. Not only have certain lines of malicious code been uncovered but at the same time a lot of backdoors have also been revealed in this code.
These backdoors can allow malicious actors to access any smartphone that they wish to look into. This puts the security of approximately 1 billion users at risk, and with Chinese firms already undergoing so much scrutiny due to the reason that their business practices are not seen as ethical, Mintegral needed to do some damage control fast which is why the company made their SDK clear to view for anyone that wished to check it out. This actually didn’t have the kind of effect that the company must have been hoping for as it just revealed more aspects of the code that people found worrisome.
Backdoor code that allows for remote execution could give malicious hackers complete control over a users phone, so this is a problem that needs to be addressed quickly before it ends up becoming far too much of an issue.
With all of that having been said and out of the way, it is important to note that the current scandal is a lot worse than what came before. A big part of the reason why that is the case has to do with the fact that the code that the company uses has been found to be suspect in every single way, shape or form. Not only have certain lines of malicious code been uncovered but at the same time a lot of backdoors have also been revealed in this code.
These backdoors can allow malicious actors to access any smartphone that they wish to look into. This puts the security of approximately 1 billion users at risk, and with Chinese firms already undergoing so much scrutiny due to the reason that their business practices are not seen as ethical, Mintegral needed to do some damage control fast which is why the company made their SDK clear to view for anyone that wished to check it out. This actually didn’t have the kind of effect that the company must have been hoping for as it just revealed more aspects of the code that people found worrisome.
Backdoor code that allows for remote execution could give malicious hackers complete control over a users phone, so this is a problem that needs to be addressed quickly before it ends up becoming far too much of an issue.
