This Mac application is spyware that collects the history of your browser | News and reviews

A popular Mac application called Adware Doctor seems to be a spyware that can secretly send your browser history to China.

On Friday, two security researchers released a report detailing how the application will secretly record your browser's history in a password-protected zip file, which will then be uploaded to a server based in China. The application specifically collects the websites you have visited on Safari, Chrome and Firefox browsers.

In addition, Adware Doctor will also steal the history of your searches in iTunes and determine all other applications installed on a Mac. "The fact that the application has surreptitiously infiltrated users' browsing history, maybe for years, is, to say the least, rather f # @ & & # 39; d up!" wrote Patrick Wardle and another security researcher who has the same name "Privacy 1st. "

Privacy 1st spotted the spyware function of the application in August and notified to Apple. However, the product remained on the App Store until Friday morning when the media began publishing information on the findings of the security researchers.

Why Apple has not acted earlier to remove the application is not totally clear. But the company told PCMag that it actually removed the product from the App Store. On Friday, before its removal, Adware Doctor, $ 4.99, was the fifth paid application on the official Apple store.

In a blog post, security firm Malwarebytes said it had been monitoring the application since 2015. "At that time, we discovered an app on the App Store named Adware Medic – a direct scam from my own very successful application of the same name, which became Malwarebytes for Mac, "wrote Thomas Reed, Director of Mac and Mobile at Malwarebytes. "We immediately started to detect this and we contacted Apple to remove the application and it was eventually removed, but was replaced soon after by an identical application named Adware Doctor."

Reed said that Malwarebytes has "continued to fight against this application, as well as others made by the same developer, and it has been deleted many times now, but in a continuous failure of the review process of Apple, it is still replaced by a new version before long. "

The developer of Adware Doctor is listed under the name of Yongming Zhang; no website or contact information is provided.

On the plus side, Wardle and Privacy 1st notes that the application actually seems to clear your adware browser; the data collection also seems to have stopped a few days ago.

However, the whole question highlights the risk of assuming that everything is safe on the Mac App Store. Adware Doctor has received more than 6,000 five-star reviews, but security researchers doubt that positive affirmations are real.

Software installed on the Mac App Store can not usually access other applications on your computer. However, Adware Doctor will bypass this restriction by asking the user to access a Mac directory, under the pretext of having to scan your computer for adware and malware. As a result, the application can bypass the sandbox protections built into macOS.

"At no time, Adware Doctor has asked to extract the history of your browser and its access to this very private data is clearly based on the fact of deceiving the user", wrote the researchers.

Apple told PCMag that MacOS Mojave, scheduled for the fall, will include a new privacy protection that will prevent rebel applications from pulling Safari browser logs. This protection will be in place even when a user grants access to the application to the base directory of the computer. However, Apple has not commented on what it would do to prevent other spy-like applications from infiltrating the App Store.