
Image credit: AOL/Dana Wollman

Top-grossing Mac App Store app steals users’ browser histories

And it uploads them to servers in China.

Adware Doctor is a top app in Apple's Mac App Store, sitting at number five in the list of top paid apps and leading the list of top utilities apps, as of writing. It says it's meant to prevent "malware and malicious files from infecting your Mac" and claims to be one of the best apps to do so, but unbeknownst to its users, it's also stealing their browser history and uploading it to servers in China.

Twitter user @privacyis1st tweeted a video about the issue last month and then investigated it with security researcher Patrick Wardle. Wardle does a deep dive into how Adware Doctor works on his blog, Objective-See, but essentially, the app sidesteps Apple's sandboxing features and snags browser histories from Chrome, Firefox and Safari. "Now, an anti-malware or anti-adware tool is going to need legitimate access to user's files and directories -- for example to scan them for malicious code," Wardle explains. "However, once the user has clicked 'Allow,' since Adware Doctor requested permission to the user's home directory, it will have carte blanche access to all the user's files. So yes will be able to detect and clean adware, but also collect and exfiltrate any user file it so chooses!"

Wardle points out that the app is in violation of Apple's App Store Rules & Guidelines. But though he notified Apple of the issue a month ago, it's still available on the App Store, which is troubling to say the least. Stealing users' browser histories is a serious privacy issue and "rather f#@&'d up," as Wardle puts it.
