The whole point of an App Store is that Apple monitors all apps for security, safety, and performance issues before allowing them on its store for millions of its users to download. However, Adware Doctor, the number 1 grossing paid app on the Mac App Store, was secretly stealing the browsing history of its users.
As Security researcher Patrick Wardle found, Adware Doctor required access to a user’s home directory and its files. This is not particularly uncommon for an app that claims to scan and remove all spyware and adware from your Mac. However, the app was silently collecting its user’s Safari, Chrome, and Firefox browsing history, zipping them into a file called “history.zip”, and silently sent to a server in China.
Much like iOS apps, Mac apps are also sandboxed which prevents them from accessing certain system files without explicit user permission. In this particular case, Adware Doctor gained access to a Mac’s filesystem based on the false pretext of scanning and removing adware from it.
While its common for free apps to indulge in such cheap tactics, Adware Doctor carried a price tag of $4.99. Apple was informed weeks ago about this potential privacy breach, but the company only responded back to the email saying “we can’t tell you anything.” It was only after this piece of news broke that Apple got around to pulling Adware Doctor from the Mac App Store.
This was not the first time that Adware Doctor was found violating the App Store’s guidelines. In 2016, the app was found abusing AppleScript to gain elevated privileges which violated the App Store guidelines. Most of the glowing reviews of the app on the App Store were fake as well.