{"id":82852,"date":"2018-09-11T08:52:50","date_gmt":"2018-09-11T15:52:50","guid":{"rendered":"https:\/\/www.intego.com\/mac-security-blog\/?p=82852"},"modified":"2022-11-17T17:44:22","modified_gmt":"2022-11-18T01:44:22","slug":"how-safe-is-the-mac-app-store-privacy-violating-apps-uncovered","status":"publish","type":"post","link":"https:\/\/www.intego.com\/mac-security-blog\/how-safe-is-the-mac-app-store-privacy-violating-apps-uncovered\/","title":{"rendered":"How safe is the Mac App Store? Privacy-violating apps uncovered"},"content":{"rendered":"

\"How<\/p>\n

Security professionals often advise users that Apple’s\u00a0Mac App Store is one of the safest places to download apps.<\/p>\n

After all, Apple has a review process that’s supposed to\u00a0help\u00a0prevent potentially harmful apps from ever being published.\u00a0Additionally, App Store apps are sandboxed<\/a>,\u00a0which is supposed to limit apps’ ability to engage in undesirable behavior. Together,\u00a0Apple’s app\u00a0review process and sandboxing\u00a0theoretically make\u00a0the App Store a more trustworthy software source than\u00a0most.<\/p>\n

Lo and behold,\u00a0new information has come to light that calls into question the safety of the App Store\u00a0platform. Many apps have recently been caught doing unscrupulous things, circumventing protections supposedly provided by the App Store, and invading users’ privacy.<\/p>\n

So then, just how safe\u00a0is the Mac App Store? And what should Mac users do?<\/p>\n

Multiple independent sources find privacy-violating apps<\/h3>\n

Last\u00a0Friday,\u00a0a few Mac security researchers independently published their findings regarding a number of Mac App Store apps that\u00a0employ questionable tactics, violate Apple’s guidelines, and\u00a0spy on victims’ computer activity.<\/p>\n

A Twitter user going by the name “Privacy 1st” (@privacyis1st<\/a>) recently\u00a0found some suspicious behavior in a popular App Store app, called Adware Doctor (full App Store title: “Adware Doctor:Anti Malware &Ad<\/strong>“) and began tweeting about it. Privacy 1st reached out to a Mac security researcher, Patrick Wardle, who did further investigation of his own.<\/p>\n

Privacy 1st and Wardle discovered<\/a> that Adware Doctor\u2014which recently achieved App Store stardom as #1 in Top Paid Utilities and #4 in Top Paid Apps\u2014was stealing users’ browsing history and more.<\/p>\n

\"\"

Adware Doctor steals Chrome, Firefox, and Safari browsing history, among other things. Image: Wardle<\/a><\/p><\/div>\n

For an app that\u00a0claims to\u00a0search for adware on the user’s account, it’s no surprise that\u00a0Adware Doctor requests access to the user’s home directory, since that’s where\u00a0any adware would reside.\u00a0However, after the user grants this access, the app proceeds to do some questionable things\u2014unrelated to the adware scan\u2014without informing the user.<\/p>\n

In the background, Adware Doctor\u00a0creates a password-protected zip archive containing the user’s Chrome, Firefox, and Safari browsing history, as well as the user’s App Store search history and a list of all the running apps, and then sends that zip archive to a server that’s evidently\u00a0located in China.<\/p>\n

All of this is done without the victim’s knowledge or consent.<\/p>\n