Wardle found that the app, thanks to Apple’s own flawed vetting, could request access to the user’s home directory and its files.
Wardle found that the downloaded app jumped through hoops to bypass Apple’s Mac sandboxing features, which prevents apps from grabbing data on the hard drive, and upload a user’s browser history on Chrome, Firefox, and Safari browsers. TechCrunch gave an overview of Wardle's findings: Apple was contacted a month ago - around the time the original proof of concept video was shared online - and promised it would investigate, but the $4.99 app remains on the Mac App Store.
In his blog post, Wardle explains that Adware Doctor withdraws sensitive user data - predominantly any website you've searched for and browsed on - and sends it to servers in China run by the app's makers. A video posted in August gave a proof of concept to how the app "Adware Doctor" steals user data, and security researcher Patrick Wardle has now looked into the app and shared his findings with TechCrunch.Īdware Doctor's Mac App Store page says it will "keep your Mac safe" and "get rid of annoying pop-up ads." Besides being at the top of the Utilities chart on the Mac App Store, Adware Doctor is also currently the number five top paid app on the entire store in the U.S., behind apps like Notability and Apple's own Final Cut Pro. The number one top-selling paid Utilities app on the Mac App Store in the United States has been found to steal the browser history of anyone who downloads it, and is still on the App Store as of this article.
0 kommentar(er)
