Apple Removed Popular Security App from Its App Store for Violating Privacy Rules. Apple has removed a top anti-malware app from its App Store because it violated its privacy rules. Apple removed the very popular security app called Adware Doctor from the Mac App Store on Thursday (23Aug2018) because it was secretly gathering users’ browsing history and other sensitive information without their permission and then sending it to some server located in China.
The app, which sits fourth in in the Mac App Store’s top paid utility with a 4.8 star rating, is described as an adware protection and an anti-malware program that claims to be able to protect your Mac from malicious files and websites.
Apple was first notified about a month ago by a security researcher called Privacy_1st who discovered that Adware Doctor was quietly uploading Mac users’ personal data, their list of running processes and App Store search history from Safari, Chrome and Firefox browsers. This is then stored in a password-protected zip file called “history.zip,” and uploaded to a remote hosting site named “adscan.yelabapp.com” administered by someone located in China.
To illustrate this process of secretly uploading data to a remote server professional called data exfiltration, Privacy_1st created a proof-of-concept video where he illustrated what happens when the program is executed. He then contacted Patrick Wardle of Digita Security and Objective-See as well as Thomas Reed of Malwarebytes to help him on the analysis of this program.
Wardle released a blog post where he corroborated Private_1st’s findings and gave a detailed analysis about how the program would secretly gather a user’s app data and browsing details and then transfer it to a remote host.
Reed, the developer of Malwarebytes, says the malware program has a dubious history and his company had been monitoring it since 2015.
This app is one that we at Malwarеbytes have had our eye on since 2015,” Reed explained on Malwarebytes website. “
At that timе, we discovered an app on the App Storе named Adware Mеdic – a direct rip-off of my own highly-succеssful app of the same name, which became Malwarеbytes for Mac. We immеdiately began detecting this, and contactеd Apple about rеmoving the app. It was еventually removed, but was rеplaced soon after by an identical app named Adware Doctor.”
Unfortunatеly the App Store is rеally not the safе haven that Apple would likе people to think it is,
We dеtect and track a numbеr of different suspicious apps in the App Storе. Some of thosе have been rеmoved quickly, and others have takеn as much as six months to get removed. It’s not outright malware, but this junk softwarе that’s stеaling your data is pretty bad.”
It is not known what the users’ app data are being used for, but it is obviously worrisome that an app can be secretly collecting information and uploading it to an unknown organization in another country. According to latest reports, the remote server in China is currently offline.