Users that download Adware Doctor -- the number one grossing paid app in the Utilities category on Apple’s Mac App Store -- should be warned: the app has been found to steal users’ browsing histories.
Though Apple was reportedly warned of the issue weeks ago, the company has yet to pull the app from the App Store.
For years, Apple has touted the security of its apps for iPhone and Mac, strictly on the basis that users can’t install apps that aren’t found in the App Store. Apple has incredibly strict criteria for allowing apps access to the App Store. The company rejects a staggering number of apps, thus blocking users from downloading them.
A look into Adware Doctor
For just $4.99, Adware Doctor promises to “keep your Mac safe” and “get rid of annoying pop-up ads” and “discover and remove threats on your Mac.”
However, that’s not all the app supposedly does. Last month, the security firm Malwarebytes posted a video on Youtube stating that Adware Doctor also steals and downloads users’ browser histories to servers in China that are run by the app’s creators.
Security researcher Patrick Wardle -- a former NSA hacker and current chief research officer at cybersecurity startup Digita Security -- discovered just how Adware Doctor was able to trip Apple’s system.
According to Wardle, Adware Doctor was able to bypass Apple’s sandboxing features, which are designed to prevent apps from stealing users’ data from the hard drive. Once through, he says it was possible to upload a user’s browser history from Chrome, Firefox, or Safari.
The app was also able to request access to users’ home directory and files -- which Wardle notes is common for malware protection apps, as they are designed to scan this information for any potential issues. However, he says that deficiencies in Apple’s cross-checking allowed the app to get through. When users grant the app that access, it collects and cleans any adware found. Wardle said the app can then collect and export any data it deems to be dangerous.
After collecting it, Wardle says the data is zipped into an archive file and sent to China.
“Let’s face it, your browsing history provides a glimpse into almost every aspect of your life,” Wardle said. “And people have even been convicted based largely on their internet searches!”
Apple has not yet commented on this issue.