Experts at security firm Snyk discovered a malicious behavior in an advertising SDK that is used in more than 1,200 iOS apps available in the Apple App Store. The advertising SDK SourMint developed by Mintegral, a China-based mobile advertising platform provider, is advertised as a tool to help app developers and advertisers to build monetized ad-based marketing. The malicious code can spy on user activity by logging URL-based requests made through the app. This activity is logged to a third-party server and could potentially include personally identifiable information (PII)”]
Source: https://securityaffairs.co/wordpress/107480/mobile-2/sourmint-sdk-malicious-behavior.html