Apple is facing data security risk again? Mac app steals the records of users

by removeos_admin 0 Comments

Top-selling app in Mac App Store has been exposed to steal the browsing history of users, and Apple blamed this for weak inspection.

According to medias, a top-selling app in Mac App Store has been found to steal browsing history of users. Since it’s quite sensitive to involve the data security of users, great attention has been drawn. Right after the exposure, Apple soon removed it from the store.
img201809080418330This app named “Adware Doctor”, is a security assistant software, claiming to guarantee the safe use of Mac and get rid of bothering pop-up advertisements. In the ranking of downloads and reviews, Adware Doctor is only second to the popular App Notability and Apple’s Final Cut Pro, etc.

Security researcher Patrick Wardle reported his discovery on his blog that Adware Doctor would track search and browsing history of users who used to install it, and send them to the server of developers.

Wardle said Apple has responsibility for that due to their weak inspection, which allowed apps to request for access of main directory and files of users. Many promoted themselves as anti-advertising tools, and access users’ files so that they can scan for issues. However, if the app developer is malicious or the app is taken use, it may collect or reveal information of any user.
img201809080418440

Apple always emphasizes that Mac App Store and iOS App Store are the “safest resources to download apps”, apps like Adware Doctor violated the rules and instructions of the store, including data collecting without users’ consent. This behavior has been persisting several years from it launch to the present and involving a large number of users, but Apple still put it in an Obvious position in Mac Apple Store at a price of $4.99 instead of conducting any investigation.

Right before this post was published, Apple has deleted Adware Doctor and another app of developers, i.e. AdBlock Master from Mac App Store.

Leave a reply

Your email address will not be published.

You may use these HTML tags and attributes:

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>