Apple has taken down one of its top-ranked paid utility app, Adware Doctor, from its Mac App Store. The app acted as a film on the MacOS to prevent malware and malicious files from infecting the device. It was removed from the app store due to violation of Apple’s policies.
Adware Doctor was found to be sending user data gained by it to a server in China without the permission of its users. According to a security researcher Patrick Wardle, the app collected user information like web browser history, app logs, etc from the machine it was installed on. After the data is collected, the app then packages it into a password protected zip file and sends it over to a server located in China for archiving.
Apple was first intimated about the security loophole by a Twitter user Privacy 1st, who posted a video highlighting what the app is doing last month. Apple, in a statement to BuzzFeedNews, stated that they did remove the app. However, they didn’t reveal any details as to why was it done.
This app was able to collect sensitive user information and send it to the Chinese server because of Apple’s sandboxing protection policies. Due to the app being a malware scanner, it didn’t require any permissions to access the local home directory and files of a system, and during scans, it would collect all the sensitive information and send it out as a report package to the Chinese server.
Apple will be implementing a much stricter sandboxing security policy with the launch of MacOS 10.14 Mojave, which will keep apps like Adware doctor in check.