Monday, September 10, 2018

Have YOU downloaded Adware Doctor? Popular Mac app pulled by Apple after revelation it 'acts like spyware' and steals browsing history and other personal data

Have YOU downloaded Adware Doctor? Popular Mac app pulled by Apple after revelation it 'acts like spyware' and steals browsing history and other personal data

  • Apple removed one of its top utility apps from the Mac App Store, Adware Doctor, after it was discovered to be stealing users' browsing history and data
  • The $5 app was meant to 'prevent malware and files from infecting your Mac'
  • Instead, it would scrape users' browsing history and other software data
The app, called Adware Doctor, was recording users' app data and browser history and sending it back to servers in China.  
Before it was pulled, Adware Doctor was the number one paid utility in Apple's Mac App Store.
Scroll down for video
Apple has removed a popular Mac app after it was found to be stealing users' data. The app, called Adware Doctor, was recording users' data and history and sending it to servers in China
Apple has removed a popular Mac app after it was found to be stealing users' data. The app, called Adware Doctor, was recording users' data and history and sending it to servers in China

WHAT IS SANDBOXING? 

Apple has a strict vetting process for apps that are allowed to be featured on its App Store. 
It uses a practice called 'sandboxing' to add an extra layer of security between users' systems and apps they download. 
Sandboxing prevents apps from accessing data on a user's hard drive, such as any software they've downloaded, as well as their browser history. 
Adware Doctor, which cost $5, was described as an app meant to 'prevent malware and malicious files from infecting your Mac.'  
The issues were first spotted by security researcher and former NSA hacker Patrick Wardle.
Wardle detailed the app's flaws in a blog post last month, but Apple only just removed the app today.
To many, the app hardly looked suspicious, having received more than 7,200 ratings - many of which gave it five stars. 
It was also listed next to other reputable utility apps like Final Cut Pro and Logic Pro X. 
Once users downloaded the app, it requested high-level access to their system files and home file directory.
This isn't particularly unusual for software that scans for malware or other malicious code. 
To many, the app hardly looked suspicious, having received more than 7,200 ratings - many of which gave it five stars. It was listed next to other utility apps like Final Cut Pro and Logic Pro X
To many, the app hardly looked suspicious, having received more than 7,200 ratings - many of which gave it five stars. It was listed next to other utility apps like Final Cut Pro and Logic Pro X
But the app took those permissions a step further by collecting a user's browser history, a list of other software and any apps you've downloaded. 
Adware Doctor then stored that data in a folder that's periodically compressed and sent to a server in China. 
In doing so, it was able to bypass Apple's typical 'sandboxing' protections, which separates apps from a user's operating system. 
'When an application runs inside a sandbox it is constrained by what files or user information it can access,' Wardle explained.
The Adware Doctor issues were first spotted by security researcher Patrick Wardle. Wardle detailed the app's flaws  last month, but Apple just removed the app today
The Adware Doctor issues were first spotted by security researcher Patrick Wardle. Wardle detailed the app's flaws last month, but Apple just removed the app today
'For example, a sandboxed application from the Mac App Store should not be able to access a user's sensitive browser history. But Adware Doctor clearly found a way.' 
Since the blog post was published, the server in China appears to have gone down. 
Apple hasn't yet issued a statement on the removal of Adware Doctor from the Mac App Store.

No comments:

Post a Comment

Comments always welcome!