GHSA-C6P9-24RC-JR5H Remote Code Execution and download tracking in Mintegral SDK

"This affects all versions of package com.mintegral.msdk:alphab. The Android SDK distributed by the company contains malicious functionality in this module that tracks: 1. Downloads from Google urls either within Google apps or via browser including file downloads, e-mail attachments and Google...

Remote Code Execution and download tracking in Mintegral SDK

"This affects all versions of package com.mintegral.msdk:alphab. The Android SDK distributed by the company contains malicious functionality in this module that tracks: 1. Downloads from Google urls either within Google apps or via browser including file downloads, e-mail attachments and Google...

CVE-2020-7745

This affects the package MintegralAdSDK before 6.6.0.0. The SDK distributed by the company contains malicious functionality that acts as a backdoor. Mintegral and their partners advertisers can remotely execute arbitrary code on a user device...

CVE-2020-7745

CVE-2020-7745 affects the MintegralAdSDK prior to 6.6.0.0, where the SDK includes malicious functionality acting as a backdoor that can allow remote code execution by Mintegral and its advertisers. The connected Snyk-derived documentation explicitly states the backdoor behavior and recommends upg...

CVE-2020-7744

This affects all versions of package com.mintegral.msdk:alphab. The Android SDK distributed by the company contains malicious functionality in this module that tracks: 1. Downloads from Google urls either within Google apps or via browser including file downloads, e-mail attachments and Google Do...

CVE-2020-7744

This affects all versions of package com.mintegral.msdk:alphab. The Android SDK distributed by the company contains malicious functionality in this module that tracks: 1. Downloads from Google urls either within Google apps or via browser including file downloads, e-mail attachments and Google Do...

Design/Logic Flaw

This affects all versions of package com.mintegral.msdk:alphab. The Android SDK distributed by the company contains malicious functionality in this module that tracks: 1. Downloads from Google urls either within Google apps or via browser including file downloads, e-mail attachments and Google Do...

CVE-2020-7744

CVE-2020-7744 affects all versions of the com.mintegral.msdk:alphab component in the Android Mintegral SDK. Connected sources describe a malicious module that monitors downloads from Google domains or Google apps and from APKs, then exfiltrates the captured data to Mintegral’s servers, continuing...

Malicious 󠅮󠅰󠅭Package

Overview com.mintegral.msdk:alphab is a malicious package. The Android SDK distributed by the company contains malicious functionality in this module that tracks: 1. Downloads from Google urls either within Google apps or via browser including file downloads, e-mail attachments and Google Docs...

Malicious SDK found spying & defrauding users through iOS apps

By Deeba Ahmed The malicious SDK is distributed by China-based firm Mintegral. This is a post from HackRead.com Read the original post: Malicious SDK found spying & defrauding users through iOS apps...

Popular iOS SDK Accused of Spying on Billions of Users and Committing Ad Fraud

A popular iOS software development kit SDK used by over 1,200 apps—with a total of more than a billion mobile users—is said to contain malicious code with the goal of perpetrating mobile ad-click fraud and capturing sensitive information. According to a report published by cybersecurity firm Snyk...

CVE-2020-7705

This affects the package MintegralAdSDK from 0.0.0. The SDK distributed by the company contains malicious functionality that tracks any URL opened by the app and reports it back to the company, along with performing advertisement attribution fraud. Mintegral can remotely activate hooks on the...