Disclaimer: We may earn a commission if you make any purchase by clicking our links. Please see our detailed guide here.

Follow us on:

Google News

Apple Removes Utility App Adware Doctor With Malicious Intentions That Stole Browser History

Moupiya Dutta
Moupiya Dutta
She finds it interesting to learn and analyze society. she keeps herself updated, emphasizing technology, social media, and science. She loves to pen down her thoughts, interested in music, art, and exploration around the globe.

Join the Opinion Leaders Network

Join the Techgenyz Opinion Leaders Network today and become part of a vibrant community of change-makers. Together, we can create a brighter future by shaping opinions, driving conversations, and transforming ideas into reality.

Apple took down one of the top paid apps in the Mac App Store that was stealing browser history from its users and sending it to servers that appeared to be based in China. The app, Adware Doctor, removes malicious files and malware from Mac. Moreover, Patrick Wardle security researcher, found that the app was also collecting user data, including browser history, without consent and sending it to the Chinese server.

Apple confirmed that it removed the app but before it could take down. Adware Doctor had already reached the No. 1 spot in the paid utility app category and ranked fourth in top paid apps overall.

If the report is accurate as said by Patrick Wardle, Apple was aware of the malicious behavior of the app publishers for weeks, but it still hasn’t done anything about it. Wardle, while found the problem, discovered that the app creates a password-protected history zip and uploads the file to the server. He conducted a thorough analysis to determine how Adware Doctor steals your browsing history and where it sends the data.

After the analysis, he found that:

It’s (likely) just a copy and paste of Apple’s GetBSDProcessList code (found in Technical Q&A QA1123 “Getting List of All Processes on Mac OS X”). Apparently this is how one can get a process listing from within the application sandbox! I’m guessing this method is unsanctioned (as it clearly goes against the design goals of sandbox isolation). And yes, rather amusing the code Adware Doctor uses to skirt the sandbox, is directly from Apple!

He explains this unethical behavior as; Adware Doctor jumps through some hoops to steal and then upload your browser history from Chrome, Safari, and Firefox; the data is then compressed and sent to a server in China, where ‘something is done’ with it.

At no position does Adware Doctor ask to exfiltrate your browser history. And its reach to this very private data is clearly based on deceiving the user. – Patrick Wardle

Where the company themselves confirm that they prohibit such apps that collect data without consent, Wardle questions that why Apple has left the malware in the Mac App Store for a month despite alerting the company about his findings.

Note: This is to inform our readers about the finding of a researcher who a top paid app collects data. Apple has taken corrective measures to safeguard its users.


Partner With Us

Digital advertising offers a way for your business to reach out and make much-needed connections with your audience in a meaningful way. Advertising on Techgenyz will help you build brand awareness, increase website traffic, generate qualified leads, and grow your business.

Power Your Business

Solutions you need to super charge your business and drive growth

More from this topic