An iOS app SDK called Mintegral was found to contain malicious code that would hijack ad clicks so that iOS thinks a user clicked on one of its ads, instead of those belonging to a competitor. This SDK is used by over 1,200 apps representing over 300 million downloads per month.
The malicious code was uncovered in the iOS versions of the SDK from the Chinese mobile ad platform provider, Mintegral dating back to July 2019. The malicious code can spy on user activity by logging URL-based requests made through the app. This activity is logged to a third-party server and could potentially include personally identifiable information (PII) and other sensitive information. Furthermore, the SDK fraudulently reports user clicks on ads, stealing potential revenue from competing ad networks and, in some cases, the developer/publisher of the application.
Luke Kurtis shares his story of how Apple disabled his account after he unknowingly bought a fraudulent iTunes gift card. Although he eventually got his account restored, it took two months to get it back.
Had I not taken advantage of my internal Apple contacts, I may not have gotten my account back. I spent a large part of those two months in a kind of grief, mourning not only the loss of a collection of media built up over a decade and a half, but also all the products I owned that no longer functioned as they were supposed to. The company I had given so much money to over the years could revoke my access to everything with just the press of a button.
That’s pretty scary stuff. Now that Apple Card is a product, imagine getting locked out of your account, unable to pay off your Card because there isn’t a way to do it online.
David Murphy has a good tip: Create an email filter for your bank so you don’t miss important messages like fraud alerts.
Get specific when you set your filters, because you don’t want to accidentally drag in phishing emails that are attempting to pose as your bank. This shouldn’t be a problem if your email service is good about eradicating spam but, when in doubt, I’d probably try to set a combined filter for emails from your bank’s exact domain that contain the word “fraud,” rather than just a filter that catches subject lines with “your bank’s name” and “fraud.”
The DoJ charged a Pakistani man with bribing AT&T employees to install malware on the company’s network and unlock customer devices.
People are setting up multiple phones to create a “phone farm” to fake engagement with ads to earn money from certain apps. Vice spoke to several farmers and built their own setup.
With a marketing strategy called “incentivized traffic,” app developers take advertisements or other content that companies want to get in front of an attentive audience, and pay that audience to watch or interact with them.
Rather than actually watch ads, these phone farmers use as many as a hundred phones and sometimes automate the process to make it seem like someone is watching the ads in order to generate income.
This week Van-Seyla Mork of Kalamazoo, Michigan pleaded guilty to a US$1 million Apple scam. He filed fraudulent complaints to Apple customer support.
In 2014 Apple loaned US$578 million to GT Advanced Technologies to create sapphire glass displays. Now the Securities and Exchange Commission (SEC) revealed the supplier is being charged with fraud for allegedly withholding key information from stockholders.
“GT and its CEO painted a rosy picture of the company’s performance and ability to obtain funding that was paramount to GT’s survival while they were aware of information that would have catastrophic consequences for the company,” said the Anita B. Bandy from the SEC’s enforcement division.
The City of Roseville employee’s retirement fund is suing Apple over alleged securities fraud. Tim Cook and Luca Maestri are listed as defendants.
Specifically, the lawsuit claims that Apple was not initially forthcoming about a drop in demand for the iPhone due to poor sales in China and the 2018 battery replacement program, both of which contributed to lower than expected iPhone sales in the first fiscal quarter of 2019.
Nadia Minetto bought $6 million in iPhones and iPads, charging them to her company credit card. They didn’t notice until five years later.
Fake metrics, fake people, fake businesses, fake content, fake politics.