An app for Mac App Store & Adware Doctor & # 39; discovery stealing the user's browsing history [Update: Removed]

It was found that the number one application of the best-selling paid utilities on the Mac App Store in the US stole the browser history of all those who downloaded it and was still in the App Store from this article . A video posted in August gave proof of concept to how the "Adware Doctor" application steals user data, and security researcher Patrick Wardle has now viewed the application and shared his findings with TechCrunch.

The Mac App Store page of Adware Doctor says that it will "keep your Mac safe" and "get rid of unwanted ads". In addition to being at the top of the Utilities table on the Mac App Store, Adware Doctor is also currently the fifth-largest paid app in the US, behind applications such as Notability and Apple Cut Cut.

In his blog post, Wardle explains that Adware Doctor removes sensitive data from users – primarily any website that you have searched for and browsed – and sends it to servers in China managed by the application's manufacturers. Apple was contacted a month ago – about the time the original proof of concept video was shared online – and promised to investigate, but the $ 4.99 app stays on the Mac App Store.

TechCrunch provided an overview of Wardle's findings:

Wardle discovered that the downloaded application was jumping through the arcades to bypass Apple's Mac sandboxing features, which prevented applications from entering data on the hard drive and would download the user's browser history to the users. Chrome, Firefox and Safari browsers.

Wardle found that the application, through Apple's wrong assessment, could request access to the user's home directory and files. According to Wardle, this is not unusual because tools that sell as anti-malware or anti-adware are waiting for access to the user's files to detect problems. When a user authorizes this access, the application can detect and clean adware, but if it turns out to be malicious, they can "collect and exfiltrate any file user, "said Wardle.

Once the data is collected, it is compressed into an archive file and sent to a China-based domain.

Towards the end of his post, Wardle discussed the ramifications of Adware Doctor and the privacy issue it presents, stating, "The fact that the app has subtly infiltrated users' browsing history, perhaps be for years —– up! "The researcher also points out that Apple itself boasts the Mac App Store as" the safest place to download applications for your Mac ", which is often true .

Since the application violates many of the rules and guidelines of the App Store, particularly with respect to user consent to data collection, Wardle hopes that the increased visibility of the harmful data collection of Adware Doctor will urge Apple to act. Even if Mac App Store customers who were using the app would never be able to retrieve their private browsing history, the researcher says Apple could begin to fix the problem by removing the app and refunding all affected users. .

Updated 8h52 PT: Apple confirmed that Adware Doctor has been removed from the Mac App Store, as well as the other app from the developer "AdBlock Master".