Apple removes apps that collect personal information from the App Store
Apple has removed about 250 apps from the App Store because they contained software from a Chinese advertising company that secretly collected personal information. The apps in question were made with a development kit called Youmi.
The apps that collected personal information were discovered by the security company SourceDNA. It said it found a total of 256 apps that called private APIs, something prohibited by Apple’s development guidelines. In doing so, SourceDNA discovered that the apps that snooped in private data were all developed using software made available by Youmi. Youmi is a Chinese advertising company that offers, among other things, a developer kit for iOS. It is also known that the collected data was sent to servers of the advertising company.
According to SourceDNA, the software retrieved data such as the list of installed applications, serial numbers and the user’s AppleID. Youmi probably wanted to use this information for marketing purposes, although the motives of the company have not been disclosed.
In a response to The Verge, Apple has indicated that the applications built with the Youmi SDK have been removed from the App Store. Also, future apps created with the sdk will be banned from the application store. In total, the removed applications are said to have been downloaded about a million times, probably mainly by users in China.