A highly popular top-tier app in Apple’s Mac App Store that’s designed to protect its users from adware and malware threats has been, ironically, found surreptitiously stealing their browsing history without their consent, and sending it to a server in China.
What’s more concerning? Even after Apple was warned a month ago, the company did not take any action against the app.
The app in question is “Adware Doctor,” the Mac App Store No. 1 paid utility and also ranked as the fourth most popular paid app on the store, which sells for $4.99 and markets itself to be the “best app” to prevent “malware and malicious files from infecting your Mac.”
However, a security researcher with the @privacyis1st Twitter handle detected Adware Doctor’s suspicious spyware-like behaviour almost a month ago and also uploaded a proof-of-concept video demonstration of how the user’s browser history is exfiltrated.
The researcher informed Apple about the Adware Doctor’s suspicious activity during that time, but the app, from a developer named “Yongming Zhang,” remained available in the Mac App Store.
images from Hacker News