Exposing The SourMint Scandal With Danny Grander

from The Secure Developer · host Danny Grander, Guy Podjarny

Many developers and publishers serve as unwitting vehicles for malware. Today we speak with Snyk co-founder and Chief Security Officer Danny Grander about SourMint — a malicious SDK that has been integrated into popular apps, seeing a total of 1.2 billion downloads per month. That was before it was exposed by the Snyk research team. We open our conversation by summarizing the scandal and unpacking what SourMint is, with details on how it tracks Android and iOS user behavior while allowing for remote command execution. We then dive into how Mintegral, the creators of the SDK, hid its behavior before exploring the range of apps affected by SourMint. After chatting about the role that Snyk plays in hunting for malicious code, Danny shares insights into how they discovered SourMint. We talk about SourMint’s victims and how we can assign responsibility to both developers and marketplace vendors. Near the end of the episode, we reflect on the challenge of protecting people who are using old versions of apps that still have malicious SDK integrated into them. While the scale of SourMint’s reach seems unprecedented, it's a story that’s becoming increasingly common. Tune in to hear what we can do to protect ourselves from malicious code. Follow UsOur WebsiteOur LinkedIn

What this episode covers

In episode 81 of The Secure Developer, Guy Podjarny is joined by Danny Grander, Co-founder and Chief Security Officer at Snyk, to discuss SourMint - a malicious SDK that has been integrated into popular apps, seeing a total of 1.2 billion downloads per month. This was before it was exposed by the Snyk research team! Here, we summarize the scandal and unpack exactly what SourMint is, with details on how it tracks Android and iOS user behaviour while allowing for remote command execution. Guy and Danny also reflect on the challenge of protecting people who are using old versions of apps that still have malicious SDK integrated into them.

NOW PLAYING

Exposing The SourMint Scandal With Danny Grander

0:00 31:58

1×

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

Share this episode

Similar Episodes

I'm ok

Mar 26, 2026 ·1m

Food Saved My Life

Mar 19, 2026 ·34m

Eat More Vegetables: The 4 Foods That Beat Ozempic (Naturally)

Feb 18, 2026 ·11m

How to End Heart Disease with Dr. Fuhrman

Feb 11, 2026 ·45m

Revolutionizing Breast Health: QT Imaging, Overdiagnosis, and What to Do Instead

Jan 27, 2026 ·35m

REMIX: Why we over-shop and compulsively acquire, and how to stop, with Dr Jan Eppingstall

Jan 9, 2026 ·61m

Similar Podcasts

MG Show MG Show The MG Show, hosted by Jeffrey Pedersen and Shannon Townsend, is a leading alternative media platform dedicated to uncovering the truth behind today’s most pressing political issues. Launched in 2019, the show has grown exponentially, offering unfiltered insights, comprehensive research, and real-time analysis. With a commitment to independent journalism and factual integrity, the MG Show empowers its audience with knowledge and encourages active participation in the political discourse. Ask A Spaceman Archives - 365 Days of Astronomy Ask A Spaceman Archives - 365 Days of Astronomy Podcasting Astronomy Every Day of the Year Breaking News Show | eTurboNews Juergen Thomas Steinmetz News is relevant to the global travel and tourism industry, human rights and global issues.Breaking news when it happens and only from the source. Eat to Live Jenna Fuhrman, Dr. Fuhrman Our health is our most precious gift and smart nutrition can change your life. Each month, join Dr. Fuhrman and his daughter, Jenna Fuhrman as they discuss important topics in the world of nutrition. Eat to Live will change the way you eat and think about food.

Frequently Asked Questions

How long is this episode of The Secure Developer?

This episode is 31 minutes long.

When was this The Secure Developer episode published?

This episode was published on November 20, 2020.

What is this episode about?

Can I download this The Secure Developer episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.

URL copied to clipboard!