Mac App Store App 'Adware Doctor' Discovered Stealing User Browsing History [Update: Removed]

The number one top-selling paid Utilities app on the Mac App Store in the United States has been found to steal the browser history of anyone who downloads it, and is still on the App Store as of this article. A video posted in August gave a proof of concept to how the app "Adware Doctor" steals user data, and security researcher Patrick Wardle has now looked into the app and shared his findings with TechCrunch.

adware doctor mas
Adware Doctor's Mac App Store page says it will "keep your Mac safe" and "get rid of annoying pop-up ads." Besides being at the top of the Utilities chart on the Mac App Store, Adware Doctor is also currently the number five top paid app on the entire store in the U.S., behind apps like Notability and Apple's own Final Cut Pro.

In his blog post, Wardle explains that Adware Doctor withdraws sensitive user data -- predominantly any website you've searched for and browsed on -- and sends it to servers in China run by the app's makers. Apple was contacted a month ago -- around the time the original proof of concept video was shared online -- and promised it would investigate, but the $4.99 app remains on the Mac App Store.

TechCrunch gave an overview of Wardle's findings:

Wardle found that the downloaded app jumped through hoops to bypass Apple’s Mac sandboxing features, which prevents apps from grabbing data on the hard drive, and upload a user’s browser history on Chrome, Firefox, and Safari browsers.

Wardle found that the app, thanks to Apple’s own flawed vetting, could request access to the user’s home directory and its files. That isn’t out of the ordinary, Wardle says, because tools that market themselves as anti-malware or anti-adware expect access to the user’s files to scan for problems. When a user allows that access, the app can detect and clean adware — but if found to be malicious, it can “collect and exfiltrate any user file,” said Wardle.

Once the data is collected, it’s zipped into an archive file and sent to a domain based in China.

Towards the end of his post, Wardle discussed the ramifications of Adware Doctor and the privacy issue it presents, stating, "The fact that application has been surreptitiously exfiltrating users' browsing history, possibly for years, is, to put it mildly, rather f----- up!" The researcher also points out that Apple itself touts the Mac App Store as "the safest place to download apps for your Mac," which is often true.

Given the app violates numerous App Store Rules and Guidelines, namely including user consent on data collection, Wardle hopes that the increased spotlight on Adware Doctor's nefarious data collecting will make Apple take action. Even though Mac App Store customers who used the app would never be able to get their private browsing history back, the researcher says that Apple could begin to address the situation "by pulling the app and refunding all affected users."

Update 8:52 a.m. PT: Apple confirmed that Adware Doctor has been removed from the Mac App Store, along with the developer's other app "AdBlock Master."

Top Rated Comments

themcfly Avatar
50 months ago
And that is what happens when you install a security software in a system that doesn't really need one.
Score: 62 Votes (Like | Disagree)
Bornee35 Avatar
50 months ago


Attachment Image
Score: 31 Votes (Like | Disagree)
Jimmy James Avatar
50 months ago
Why does it always have to be a server in China?
Score: 22 Votes (Like | Disagree)
Trusteft Avatar
50 months ago
Chinese software, who could have imagined it being a security issue!
Score: 21 Votes (Like | Disagree)
stevie grant Avatar
50 months ago
Don't worry. Apple will always do the right thing.

Eventually. Either under penalty of the law, or due to public shaming.
Score: 20 Votes (Like | Disagree)
Logic368 Avatar
50 months ago
Why does the Mac App Store still exist? It only has ****** scam apps and nothing that you actually need. Furthermore, you’re supposed to trust the App Store, because it’s “curated”, but then this kind of stuff happens. It would be better if Apple simply posted a “Gallery” of apps, like they do for safari extensions.
Score: 18 Votes (Like | Disagree)

Popular Stories

home app ios 16

Apple Confirms iPad Will No Longer Be Supported as a Home Hub in iOS 16

Wednesday June 22, 2022 12:38 pm PDT by
The iPad will no longer be able to be used as a home hub following the launch of iOS 16, iPadOS 16, macOS Ventura, and the HomePod 16 software this fall, Apple confirmed today. As discovered in iOS 16 code by MacRumors contributor Steve Moser, Apple says that the iPad will no longer be supported as a home hub. This information will be displayed in the Home app after updating to iOS 16.A home ...
apple ar headset concept 2

Apple CEO Tim Cook Hints at AR/VR Headset: 'Stay Tuned and You'll See What We Have to Offer'

Wednesday June 22, 2022 6:34 pm PDT by
CEO Tim Cook this week did an interview with China Daily, where he once again commented on on the future of augmented reality and hinted at Apple's work on an AR/VR headset. Render via designer Ian Zelbo Cook said that Apple is excited about the opportunities available with augmented reality, which is not too far off from prior comments that he's made, but he went on to say that people should ...
customize wallpaper setting ios 16

iOS 16 Beta 2 Tidbits: New Wallpaper Colors, Backup Over LTE, SMS Filtering and More

Wednesday June 22, 2022 2:16 pm PDT by
Apple today seeded the second betas of iOS 16 and iPadOS 16 to developers for testing purposes, and the new betas introduce new features and refine some of the changes that Apple made with the first iOS 16 release. Subscribe to the MacRumors YouTube channel for more videos. Lock Screen Photo Wallpaper Customization When customizing a photo on the Lock Screen, there are two new DuoTone and...
Shazam Music Recognition Control Center

iPhone's Built-In Music Recognition Feature Syncs With Shazam App on iOS 16

Tuesday June 21, 2022 7:37 am PDT by
Since the release of iOS 14.2 in 2020, the iPhone has included a built-in Music Recognition feature in Control Center powered by Shazam. And with iOS 16, and also the iOS 15.6 beta, the feature has received a small but useful upgrade. As noted by Twitter user @someone_andrew, songs identified with Music Recognition in Control Center finally sync with the Shazam app. It also remains...
2022 back to school apple

Apple Launches 2022 Back to School Offer: Up to $150 Gift Card With Mac or iPad

Friday June 24, 2022 5:08 am PDT by
Apple today launched its annual "Back to School" promotion for college/university students in the United States and Canada. This year's promotion offers a free Apple gift card with the purchase of an eligible Mac or iPad, rather than free AirPods like last year. Apple is also offering students 20% off AppleCare+ plans during the promotion. Apple is offering a $150 gift card with the purchase ...
ios 16 lock screen feature2

Apple Seeds Second Betas of iOS 16 and iPadOS 16 to Developers

Wednesday June 22, 2022 10:07 am PDT by
Apple today seeded the second betas of upcoming iOS 16 and iPadOS 16 updates to developers for testing purposes, with the updates coming two weeks after Apple unveiled the new software at WWDC and released the initial betas. Registered developers can download the iOS and iPadOS 16 profiles from the Apple Developer Center, and once installed, the betas will be available over the air. Given...
apple ar headset concept 1

Apple Rumored to Announce 'Game-Changer' AR/VR Headset in January 2023

Friday June 24, 2022 2:52 am PDT by
Apple is "likely" to announce its long-rumored mixed-reality headset as soon as January 2023, Apple analyst Ming-Chi Kuo has reiterated. Concept render based on purported leaked information by Ian Zelbo In a detailed post on Medium, Kuo explained that Apple's headset will be a "game-changer" for the augmented-reality and virtual-reality market. Describing some of the headset's...