Apple has removed 250 apps from its App Store because they were secretly stealing Apple users’s account and device identifiers to Chinese advertiser Youmi. The developers of the apps were unaware that this was happening as they were simply using Youmi’s service to display ads.
It seems Apple was also not aware that this was happening because Youmi was accessing parts of Apple’s software that it was not supposed to under the terms of Apple’s developer agreement. Apple would normally pick up these types of abuses before listing apps in the App Store, but Youmi had gone to significant lengths to hide what it was doing.
Youmi is not alone in trying to circumvent Apple’s rules and access information that it is not supposed to. In an analysis of 2,019 applications from the iTunes App Store, researchers from Purdue University found that 7 percent of them were accessing “private APIs,” making them a security risk for anyone installing and using the apps.
