Apple has removed the ‘Adware Doctor’ app from the Mac App Store after it found that the app was stealing the browser history of the users who had downloaded it. When Apple removed the app, it was reportedly the top-trending paid app on the store. TechCrunch said that Apple was warned weeks ago and did nothing to pull the app offline.
The ‘Adware Doctor’ app promises to “keep your Mac safe” and “get rid of annoying pop-up ads,” and even to “discover and remove threats on your Mac.” According to the tech news platform, for a few bucks, the app stole users’ browser history and sent it to servers in China run by the app’s makers. The behaviour was revealed in a video posted last month on YouTube, with help from security firm Malwarebytes. Security researcher Patrick Wardle, a former NSA hacker and now Chief Research Officer at cybersecurity startup Digita Security, shared his findings with TechCrunch.
Wardle claimed that “the downloaded app jumped through hoops to bypass Apple’s Mac sandboxing features, which prevent apps from grabbing data on the hard drive, and upload a user’s browser history on Chrome, Firefox and Safari browsers.” “When a user allowed access to the user’s home directory and its files, the app detected and cleaned adware, but if found to be malicious, it can ‘collect and exfiltrate any user file,’” Wardle was quoted as saying. Once the data is collected, it’s zipped into an archive file and sent to a domain based in China.
“Let’s face it, your browsing history provides a glimpse into almost every aspect of your life. And people have even been convicted based largely on their internet searches!” Wardle said. The researcher also says that the China-based domain went offline and the app’s access to such data “is clearly based on deceiving the user.”