Posted on September 9, 2018 at 3:00 PM
A leading premium utility on the Mac App Store thought to offer protection for computers is nothing short of a spyware itself. This utility product is also known as Adware Doctor and it is a disguised spyware. It works by gathering users’ browsing history from their various web browsers and sending them to a server based in China.
Adware Doctor which sells for $5 on the Apple’s Mac App Store has been revealed by security researchers to be nothing more than a spyware. The acclaimed security app has found its way to the storefront of Apple Store owing to the number of fake reviews it has managed to garner.
But instead of carrying out just the function it deceives the buyers to do, it has been found out that it does exactly the opposite. Once installed, Adware Doctor collects users browsing history and sends them straight to a Chinese server.
Initially, the developers of the application posted it on Mac App Store as Adware Medic. However, because it shared almost the same name as AdwareMedic by Malwarebytes, Apple had to remove it. In response to this, the developers changed its name to Adware Doctor and that was how it got Apple’s approval.
App Detected and Deleted
Since its approval, Adware Doctor has managed to get itself a number of excellent but fake reviews on the Mac App Store. Patrick Wardle who is a security researcher working with Privacy 1st said he intimated Apple on the malicious nature of its working.
This claim was also justified in a 9to5 Mac report. Eventually, Apple swung into action by deleting the app from its store following several other tech publications supporting this claim. Apple removed the disguised malware from its store on September 7, 2018.
How the Malicious App Works
Apart from the app sending users’ browsing history to a China-based server, it equally penetrates the iTunes history of users and other apps. Unfortunately, Mac’s sandbox protections cannot checkmate it since it poses as an app that scans the system for malware.
Wardle, however, noticed that Adware Doctor asks for universal access when it is first launched. Granting this request allows the spyware a kind of free space to collect information from other apps installed on the computer. As such, it can pretty much get the browsing history of browsers like Chrome, Safari, and the like on the system.
However, Apple has assured that MacOS Mojave would be released this fall and it is targeted at fighting applications like this. According to Apple, the new MacOS Mojave would make it impossible for disguising apps like Adware Doctor to access users’ browsing history.
Notwithstanding the spyware nature of Adware Doctor, Wardle admitted that it actually removes adware from users’ browsers. And according to a recently-released PCMag report, Adware no longer sends users’ browsing history to China. The report equally stated that the Chinese server is also no longer online.