Mac Adware Doctor App Discovered Stealing Sensitive Information of Users

One of the popular anti-malware app in Mac called Adware Doctor was discovered collecting sensitive information of users without permission and sending it to someone in China.

A security researcher named Privacy 1st identified it first and said that the app collects user browsing history from the Safari, Chrome, Firefox browsers, APP store search history and from a set of running processes.

Latest Hacking News

The gathered data is then converted into a password protected zip file called history.zip and uploaded to a remote server.

Privacy 1st and Patrick Wardle, a researcher at Objective-see did a detailed analysis on this and discovered that history.zip file was uploaded to a remote host named adscan.yelabapp.com.

Latest Hacking News

The domain is hosted on Amazon AWS servers, and when checking DNS records, it showed names related to China.

The researcher said that he has notified Apple about the app and it took Apple about one month to remove the app from the app store.

Adware Doctor is an anti-malware app which has a 4.8-star rating and has over 7000 reviews. The app is also number 1 paid utility app in the app store.

Here below is the analysis video done by Privacy 1st on the incident:

If Apple is really “review[ing] each app before it’s accepted by the store” … how were these grave (and obvious) violations of this application missed!? Who knows, and maybe this one just slipped through. Maybe we should give them the benefit of the doubt, as yes we all make mistakes!, But this bring us to the next point. Apple also claims that “if there’s ever a problem with an app, Apple can quickly remove it from the store”. Maybe the key word here is “can”.said in the blog post published by the researcher.

For the latest cyber threats and the latest hacking news please follow us on Facebook and Twitter.

You may be interested in reading: OilRig APT Group spotted using a new Trojan called OopsIE against Middle East Organizations

 

Comments

Please rate this content

You May Also Like