Apple has recently removed the most popular anti-malware app known as Adware Doctor from the Mac App Store. The app was found to be secretly collecting user’s data and sending it back to the server situated in China.
Patrick Wardle is a popular security researcher who has made some big discoveries of issues with Apple before also. On Friday, he published a blog post on his objective-see blog which describes all the details about how the app violets the Apple’s app store policy and betrays its users. Wardle states that he has notified apple a month ago about the app. However, the app didn’t take the matter seriously at that time and removed the app recently.
What is sad is that it was reported by me on 12th of August and Apple didn’t even care… Attached are email screenshots pic.twitter.com/v6G783h1rA
— Privacy 1st (@privacyis1st) September 7, 2018
Wardle was not alone in its research. An unknown cyber-security researcher with id as @privacy1st on Twitter had reached apple regarding the issues with the app. As per the researcher, the app was collecting user’s browsing history and sending it back to servers in China.
Later, Privacy 1st also made a proof of concept video which describes the suspicious behavior in the app. Then Patrick Wardle of Digital Security and Thomas Reed of Malwarebytes separately investigated it and found the claims to be valid.
Based on their investigation, Adware Doctor used its lofty permissions to collect the browsing data from Chrome, Safari, and Firefox, and send it back to a server located in China via ‘adscan.yelabapp.com’ as a part of zip file known as ‘history.zip’
Before its removal, the app was priced at $5 and it was the number one paid app in utilizes category with an excellent 4.8 rating. The app describes itself as “to prevent malware and malicious files from infecting your Mac” and also provides a feature to remove adware which is already present in your system. However, as soon as the app has been download, it requests for high-level access to your system files and starts a process of working around Apple’s normal “Sandboxing” protections.
Apple’s lack of response to such a warning is a bit of concern based on its character. Apple’s App Store is mostly considered to be more secure as compared to its rival, Google Play Store. Issues occur in the App Store, but they should be fixed as soon as possible.