Adware Doctor is one of the most popular paid apps in the App Store for Macs, and it’s on sale! Unfortunately, you probably don’t want to take advantage of the bargain because new research shows it’s essentially spyware and is periodically transmitting user data to a server in China.
Patrick Wardle is a respected security researcher who’s made some big discoveries of issues with Apple before. On Friday, he published a post on his Objective-See blog that details the ways in which Adware Doctor violates Apple’s App Store policy and betrays its users.
Wardle says he notified Apple weeks ago, but as of early this morning it was still available and was the fourth-most-popular paid app overall. It was also the number one paid app in the “utilities” category with a sterling 4.8 rating that Wardle is pretty certain is being gamed. Adware Doctor has since been removed from the App Store.
The app claims to prevent “malware and malicious files from infecting your Mac”, and it offers the ability to remove adware that is already on your system.
But according to Wardle, once the app has been downloaded, it asks for high-level access to your system files and begins a process of working around Apple’s normal “sandboxing” protections.
Apple is known for having a strict vetting process for what’s allowed in its App Store, and apps are typically separated from each other and the operating system. But according to Wardle, Adware Doctor uses some workarounds to gather a user’s browser history and a list of the user’s software. It stores that in a folder that periodically gets zipped up and sent to a server in China, Wardel found.
Wardle isn’t alone in his findings. He was prompted to look into the app after a security researcher that goes by Privacy 1st posted a video that demonstrated Adware Doctor’s shady activity. And Motherboard verified the accuracy of Wardle’s report with two independent experts.
We’ve reached out to both Apple and Adware Doctor’s developers for comment but didn’t receive an immediate reply.
Apple’s lack of response to early warnings on this issue is a bit out of character. The App Store is generally considered to be far safer than its Android counterpart, Google Play. Mistakes happen, but they should be fixed as quickly as possible.