‘More Than A Billion’ Phones Wide Open To ‘Backdoor’ Remote Code Execution In Adtech Company’s Code

fraud phones security privacy crowd smartphones

Malicious code impacting more than a billion smartphone owners is currently in the wild and enabling remote code execution, according to security firm Snyk.io. Remote code execution is a very serious security violation, and basically enables the owner of that code do almost anything they want on your phone.

“We were able to build a proof of concept that showed how the backdoor makes it possible for Mintegral to invoke any function and execute arbitrary code via the SDK,” the company says. “This is a significant compromise of device security model and users’ privacy and stands in direct violation of Apple’s policy.”

Get the full story in my post at Forbes …