UPDATED 21:38 EDT / SEPTEMBER 09 2018

APPS

Mac App Store apps found to be stealing data from users

A  number of apps found on Apple Inc.’s Mac App Store are alleged to be spying on users and stealing their data, according to a report from security firm Malwarebytes Inc.

Leading the list of apps is a tool called Adware Doctor, an app that claims to be the “best app” to remove a variety of common adware threats which target Mac users. Security researcher Patrick Wardle noted that the app deceptively exfiltrates private data, including browser histories, and then sends it to a remote server in China.

Spyware apps making their way into app stores are not unique, but most are obscure and rarely used. The opposite is the case with Adware Doctor. Before it was removed by Apple during the week, it rankedg as the fourth most popular paid app in the Mac App Store, meaning it potentially has an installed user base will into the millions.

Also included on the initial list:

  • Adware Medic, a predecessor of Adware Doctor with nearly identical data-stealing capabilities.
  • Open Any Files: RAR Support, an app that supports opening compressed files. It’s claimed to have also exfiltrated similar private data for several months late last year and this year and remains in the store as of Sept. 9.
  • Dr. Antivirus, which is also claimed to exfiltrate browser history and a detailed listing of all installed apps. It appears to have now been removed from the Mac App Store.
  • Dr. Cleaner, which like Dr. Antivirus steals data but in no longer available.

Since the initial report, another app with similar alleged data-stealing capabilities has since come to light, with 9to5Mac naming Dr. Unarchiver as allegedly stealing data.

“After extracting a zip file with the app, it offered an option to ‘Quick Clean Junk Files’. Selecting ‘Scan’ launched an open dialog with the home directory selected, this is how the app gets access to a user’s home directory, which it needs in order to collect the history files from browsers.” the report noted. “After allowing access to the home directory, the app proceeded to collect the private data and upload it to their servers (we blocked that with a proxy).”

The 9to5Mac report went on to claim that Dr. Unarchiver, Dr. Cleaner and others are being distributed by security firm Trend Micro Inc.

Since the apps are no longer in the Mac App Store, SiliconANGLE can’t confirm that they’re from Trend Micro. But an app called Dr. Playback is currently listed in the Google Play Store as coming from the company.

SiliconANGLE asked Trend Micro to comment on the report and will update this post if it responds.

Photo: Pxhere

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU