[filleokus]

> Mintegral SDK uses a technique called method swizzling to replace implementations of the UIApplication openURL and SKStoreProductViewController loadProductWithParameters methods at runtime

Naive swizzling of system API's will be detected/stopped by App Review, right? Or perhaps only if it's private methods?

[alyssam_infosec]

I've been looking but haven't found a good systematic way to review code to find this. In the case of Mintegral, there were a number of obfuscations to make it difficult to recognize. Swizzling, while a bad practice in general, can be done for legitimate reasons. So you need to be able to detect what method they're looking up with _method_getImplementation and changing with _method_setImplementation which is the part that can be difficult. So far, I've found one old project in GitHub from 2016 that was designed to do this. However it's stale and I haven't had a chance to review it yet to see how effective it is.

[whizzter]

Depends, as the article states the swizzling is only activated unless there is debuggers,etc or the app being in the "wrong" region.

Not entirely sure how Apple's review-process works but if a majority of it is done in Mountain View there's a large chance that most reviewer devices aren't well spread out w/r/t to setting them to other regions.