A Popular Mac App Stole Users' Browsing History

 | Nicole Nguyen 09/07/2018 3:36 PM MDT

Share this article

Credit: Wikipedia Commons

Apple has removed a top Mac app called Adware Doctor, designed to "prevent malware and malicious files from infecting your Mac," which, according to security researchers Patrick Wardle and Privacy 1st, was collecting users' browsing history without their consent, violating Apple's policies.

Wardle, who shared his findings with TechCrunch, found that Adware Doctor requested access to users' home directory and files — not unusual for an anti-malware or adware app that scans computers for malicious code — and used that access to collect Chrome, Safari, and Firefox browsing history, and recent App Store searches. The data is then zipped in a file called "history.zip" and sent to a server based in China via "adscan.yelabapp.com." Two independent security researchers confirmed to Motherboard that Wardle's report was accurate.

Mac apps are protected by "sandboxing," meaning apps can't access parts of the computer's file system the user hasn't granted permissions to. In this case, sandboxing protections were not bypassed. The user granted access to the home directory and its files, and the app did not explicitly gain consent for what it was doing with that access.