Popular Mac App Store Utilities Caught Siphoning User Data

Nichole VegaSep 13, 2018

While Apple has already removed all these apps from the store, the shock for many is that the Mac App Store review policy didn't catch the nefarious action in the first place.

Wardle said Adware Doctor was the fourth-highest grossing paid application on the App Store, and topped the category of paid utilities. But what the app won't tell you is that for just a few bucks it'll steal and download your browser history - including all the sites you've searched for or accessed - to servers in China run by the app's makers.

'For example, a sandboxed application from the Mac App Store should not be able to access a user's sensitive browser history. The software security company denies these allegations and made their own statement in a blog post.

A number of apps found on Apple Inc.'s Mac App Store are alleged to be spying on users and stealing their data, according to a report from security firm Malwarebytes Inc.

It is being further reported that the cyber-security researcher @Privacy1st had also shot a proof-of-concept video in which he had listed out the details of suspicious behavior in the app. Both apps are collecting and uploading user data, including browsing history, to their servers.

The app in question is the Adware Doctor, which sells for $14.99 and promises to remove adware, malware and other nasty pieces of software from Apple PCs.

"It's blindingly obvious at this point that the Mac App Store is not the safe haven of reputable software that Apple wants it to be", Reed said.

Facebook's mobile VPN app Onavo Protect was pulled from the App Store in August after it was accused of using data collected from users for broader analytics purposes.

According to reports on the Malwarebytes forum, the apps collected browsing history from Safari, Chrome and Firefox web browsers, as well as information about which apps have been installed on the Mac.

The apps are Dr Antivirus, Dr Cleaner, and Dr Unarchiver, all under the developer account Trend Micro, Incorporated. This includes the one-time 24 hour log of browser history held for 3 months and permitted by users upon install. In addition to these apps stealing data, Reed noted in his analysis that at least two Trend Micro apps appeared to be acting improperly.

Apps like those made by Trend Micro are created to check if the sites you want to visit are potentially risky or have a poor reputation.

Apple has not commented on the removal of the Trend Micro apps that violated its privacy provisions, or why they were not discovered before despite testing.

Reed is telling Mac owners to be wary of unnecessary apps.

Related Articles:

« Previous article
Next article »

Popular Pages

Typhoon Mangkhut path MAPPED: Where will Super Typhoon make landfall?
Typhoon Mangkhut has already hit Guam resulting in flooding of streets, uprooting of trees as well as widespread power outages. Typhoon Haiyan left more than 7300 people dead or missing and displaced over 5 million in the central Philippines in 2013.

'Life-Threatening' Hurricane Florence Closes In On US East Coast
Yesterday officials in Beaufort County, home to Hilton Head Island, held a news conference and urged people to leave voluntarily. From North Myrtle Beach to Cape Fear, and Cape Lookout to the Ocracoke Inlet, water could rise 6 to 9 feet.

Kingdom Hearts III Latest Trailer Focuses On Big Hero 6 World
The Kingdom Hearts: VR Experience releases exclusively for the Playstation 4, later this year. Make sure you have the captions on and enjoy the short trailer below.

Apple Unveils New iPhone Xs, iPhone Xs Max and iPhone Xr
Those with an Apple TV can also tune in on the big screen via the Apple events app installed on the streaming device. We are seeing a lot of last-minute leaks today as Apple is scheduled to announce the new iPhones later today.

Sen. Mark Warner to vote against Brett Kavanaugh confirmation
They debated options, Schumer said, but decided on a strategy of staying in the room for questions, protest and disruption. Joe Donnelly in IN or Claire McCaskill in Missouri may benefit from a court battle that energizes the Democratic base.

Hurricane Florence map uses an unfortunate graphic to display devastation
Tobia reports on the latest in storm preparation from Wilmington, North Carolina. A satellite image showing Hurricane Florence in the Atlantic Ocean this week.

Susan Collins Crowdpac campaign for Brett Kavanaugh 'no' vote tops $800,000
Wade , while consulting with the Trump administration through the selection process. Susan Collins' opponents if she votes for him-but the plan could backfire.

Apple Watch 4 wants to keep you fitter and more alive
The Watch Series 4 will be available in some countries starting September 21, and global availability will follow later this year. Apple Watch Series 4 with GPS will start at $399, while the GPS + Cellular configuration will be available starting from $499.

Rupee plunge, crude oil spike to give states Rs 22,700 crore windfall
On Monday, petrol prices touched Rs 88.12/litre in Mumbai , while diesel cost Rs 77.32 per litre in Mumbai . On Monday, the petrol per litre in Andhra Pradesh were sold at Rs ₹ 85.60 and diesel at Rs 79.22 per litre.

Henry Cavill Is Out as Superman in DC Movies
In August, the New York Post reported Affleck was headed to rehab after an intervention by his ex-wife, Jennifer Garner. In December, Henry said he was looking forward to acting as Superman once again, and the studio had him under contract.