Honestly... what's the difference between this kind of malware and the data-mining performed on websites, OSes (Windows 10, Android, iOS..), cellular companies, government backdoors, etal..? It's sickening (and criminal) that it's gotten to the point it has.
Did you read the article? This isn't a company intentionally mining user data, which is usually not criminal, as the EULA would have allowed those companies to do so. This is developers downloading Xcode from third-party sources, which are compromised and would inject third-party code to iOS apps sending analytics to a third-party server, without knowledge of the original developer.
Your missing the point of my comment. The whole system of data-mining, surveillance, stalking, sharing of data with untold 3rd-parties IS criminal - eula or otherwise. The only thing these guys did that breaks with 'current accepted (criminal) practices' is that they modified someone else's code to do what everyone else is already doing.
