The number one top-selling paid Utilities app on the Mac App Store in the United States has been found to steal the browser history of anyone who downloads it.
Security researcher Patrick Wardle, On his website Objective-See.com, in collaboration with a Twitter account, called @privacyis1st, which was first to spot the issue, Wardle lays out the case that Adware Doctor is stealing users’ browser histories.
Adware Doctor’s Mac App Store page says it will “keep your Mac safe” and “get rid of annoying pop-up ads.” The app claims to remove adware threats from a Mac, including extensions and cookies in browsers, but Patrick Wardle advises the “cleaning” process involves collecting the browsing history of the user, as well as a list of all running processes, and a list of software downloaded to the Mac.
While Apple has processes in place to prevent apps from accessing data it did not have permission to view, the app uses a loophole to work around the restrictions.
In Patrick Wardle’s blog post, he explains that Adware Doctor withdraws sensitive user data — predominantly any website you’ve searched for and browsed on — and sends it to servers in China run by the app’s makers.
Apple was contacted a month ago — around the time the original proof of concept video was shared online — and promised it would investigate, but the $4.99 app remains on the Mac App Store.
Today, Apple confirmed that Adware Doctor has been removed from the Mac App Store, along with the developer’s other app “AdBlock Master.”