One of Apple’s most popular utility app for Mac computers turned out to be spyware that steals users data. The app would collect user’s browsing history from Safari, Firefox, and Chrome and send it back to a server in China. Apple was notified a month ago by security researchers regarding the apps malicious nature and, as of today, has removed Adware Doctor from the Mac App Store.
Adware Doctor styles itself as a malware scanner that searches your computer for malicious files. It is the top paid utility apps in it’s Mac App Store, which makes it more alarming since Apple states that its apps have been inspected and vetted as far as security and privacy goes. The pilfering nature of the app was brought to light in a video by a security researcher that goes by the Twitter handle “Privacy 1st.”
Another security researcher, Patrick Wardle, makes an in-depth analysis on how Adware Doctor steals user data. Since the Adware Doctor is a malware and adware scanner, the user is required to grant the app read and write access to all files within the home directory. With these permission privileges, the app accesses web browser history, saves it in a file named history.zip, and sends it to a server named adscan[.]yelabapp[.]com.
Malware disguised as anti-malware software is a trick that has been used by bad actors many times in the past. What's concerning about this is how Adware Doctor is the top paying utility app for Mac in the app store.
Leave a Reply
Thank you for your response.
Please verify that you are not a robot.