During the past few days, several cybersecurity researchers have highlighted a plethora of malicious apps on the Mac App Store that tracks user data. While Apple continuously vows for ensuring user privacy and security, the presence of such apps on the Mac App Store has certainly riled people up – however, Apple seems to have finally taken notice of the reports from the researchers. Recently, Apple has taken down the famous app Adware Doctor from the app store after receiving reports about its data-stealing practices.
Famous App ‘Adware Doctor’ Stole User Data
A researcher with the alias Privacy1st on Twitter noticed the suspicious behavior of the famous Adware Doctor app. He then began working on this adware removal tool only to confirm his speculation for the app regarding its data pilfering practices. He presented his findings in a YouTube video, where he also showed the facts about another data tracking app ‘Komros’.
While he kept reporting the matter repeatedly, the app remained there on the Mac App Store for about a month. Following his findings, another researcher, Patrick Wardle, stepped up to support his findings. He presented the POC in his blog post in which he also confirmed that the app pilfered user data and stored it on a Chinese server.
Apple Seemed Slow To Pull Off The App
Both the researchers, Privacy1st and Patrick Wardle clearly advised that they reported the app to Apple in the previous month. Although, Apple officials acknowledged the receipt of their complaints quickly, they then stated that they won’t be informing the researchers about any progress regarding their complaints. Since then, the app remained there on the app store, and they got no update about the fate of their complaints.
Thomas Reed from Malwarebytes Labs also states in his blog about this app, whilst highlighting numerous other apps that track user data. According to him, they have been watching this developer for the past three years. They have also reported the suspicious apps to Apple several times. However, the app kept entering the App Store repeatedly with different names.
He clearly deems it a “continued failure of Apple’s review process” that the same malicious app gets a place on the App Store again and again.
Adware Doctor Removed From Mac App Store
Nonetheless, after all the chaos, Apple has finally pulled off Adware Doctor from the Mac App Store after a month from the initial reports. However, Privacy1st still points out to the other malicious app from the same developer ‘Komros’ is still present.
Besides, the researchers have also found some apps from the Trend Micro Company that also exfiltrate user data. Reportedly, these apps also send data to Chinese servers.
Once again, as stated by Privacy1st, Apple has been formally informed of all these apps violating their app store guidelines. Earlier, Apple has removed Facebook’s Onavo VPN from the app store for collecting user data. We hope this time Apple removes the remaining malicious apps quickly but until then, all users should be wary of these apps. Make sure to thoroughly review the app permissions before using a newly installed app on your device.
Let us know your thoughts in the comments section.