APPS
APPS
APPS
Mac App Store apps found to be stealing data from users
A number of apps found on Apple Inc.’s Mac App Store are alleged to be spying on users and stealing their data, according to a report from security firm Malwarebytes Inc.
Leading the list of apps is a tool called Adware Doctor, an app that claims to be the “best app” to remove a variety of common adware threats which target Mac users. Security researcher Patrick Wardle noted that the app deceptively exfiltrates private data, including browser histories, and then sends it to a remote server in China.
Spyware apps making their way into app stores are not unique, but most are obscure and rarely used. The opposite is the case with Adware Doctor. Before it was removed by Apple during the week, it rankedg as the fourth most popular paid app in the Mac App Store, meaning it potentially has an installed user base will into the millions.
Also included on the initial list:
- Adware Medic, a predecessor of Adware Doctor with nearly identical data-stealing capabilities.
- Open Any Files: RAR Support, an app that supports opening compressed files. It’s claimed to have also exfiltrated similar private data for several months late last year and this year and remains in the store as of Sept. 9.
- Dr. Antivirus, which is also claimed to exfiltrate browser history and a detailed listing of all installed apps. It appears to have now been removed from the Mac App Store.
- Dr. Cleaner, which like Dr. Antivirus steals data but in no longer available.
Since the initial report, another app with similar alleged data-stealing capabilities has since come to light, with 9to5Mac naming Dr. Unarchiver as allegedly stealing data.
“After extracting a zip file with the app, it offered an option to ‘Quick Clean Junk Files’. Selecting ‘Scan’ launched an open dialog with the home directory selected, this is how the app gets access to a user’s home directory, which it needs in order to collect the history files from browsers.” the report noted. “After allowing access to the home directory, the app proceeded to collect the private data and upload it to their servers (we blocked that with a proxy).”
The 9to5Mac report went on to claim that Dr. Unarchiver, Dr. Cleaner and others are being distributed by security firm Trend Micro Inc.
Since the apps are no longer in the Mac App Store, SiliconANGLE can’t confirm that they’re from Trend Micro. But an app called Dr. Playback is currently listed in the Google Play Store as coming from the company.
SiliconANGLE asked Trend Micro to comment on the report and will update this post if it responds.
Photo: Pxhere
A message from John Furrier, co-founder of SiliconANGLE:
Support our open free content by sharing and engaging with our content and community.
Join theCUBE Alumni Trust Network
Where Technology Leaders Connect, Share Intelligence & Create Opportunities
11.4k+
CUBE Alumni Network
C-level and Technical
Domain Experts
15M+
theCUBE
Viewers
Connect with 11,413+ industry leaders from our network of tech and business leaders forming a unique trusted network effect.
SiliconANGLE Media is a recognized leader in digital media innovation serving innovative audiences and brands, bringing together cutting-edge technology, influential content, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — such as those established in Silicon Valley and the New York Stock Exchange (NYSE) — SiliconANGLE Media operates at the intersection of media, technology, and AI. .
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a powerful ecosystem of industry-leading digital media brands, with a reach of 15+ million elite tech professionals. The company’s new, proprietary theCUBE AI Video cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
