- Aug 17, 2017
- 1,489
A popular app that promises to remove adware and malware from Mac computers is also “surreptitiously stealing” the user’s browser history, according to security researchers. Adware Doctor, which is currently ranked as the fourth most popular paid app in the Mac App store, collects and sends the browsing history of its users to a server in China in an apparent violation of Apple’s own guidelines and privacy rules for apps, security researcher Patrick Wardle wrote in a blog post published Friday.
Wardle, who is well-known for his research on Mac’s security, said that upon installation Adware Doctor asks users for permission to access the home directory, giving it the ability to access and potentially exfiltrate any file there. The app developers found a way to get around some of Apple’s sandboxing restrictions and download the user’s browsing history as well as a list of all processes running on their computer, according to Wardle and another security researcher that goes by the nickname Privacy1st. (Normally Mac apps are sandboxed, meaning they can’t access all parts of the operating system.)
Full Story Popular Mac Anti-Adware App ‘Surreptitiously Steals’ Your Browsing History, Researchers Say
Wardle, who is well-known for his research on Mac’s security, said that upon installation Adware Doctor asks users for permission to access the home directory, giving it the ability to access and potentially exfiltrate any file there. The app developers found a way to get around some of Apple’s sandboxing restrictions and download the user’s browsing history as well as a list of all processes running on their computer, according to Wardle and another security researcher that goes by the nickname Privacy1st. (Normally Mac apps are sandboxed, meaning they can’t access all parts of the operating system.)
Full Story Popular Mac Anti-Adware App ‘Surreptitiously Steals’ Your Browsing History, Researchers Say