Cybersecurity Researchers: Apple Left Suspicious “Adware Security App” on Mac App Store for Weeks

Apple once allowed a purported adware security checker app to be sold on its renowned App Store, where customers trust they can download Apple-vetted software to their Apple equipment. However, cybersecurity researchers recently discovered that one of the App Store’s most popular apps was actually performing suspiciously while claiming to protect users from suspicious malware and adware.

Gatekeeper makes it safer to download apps by protecting you from inadvertently installing malicious software on your Mac. The safest place to download apps for your Mac is the Mac App Store. Apple reviews each app before it’s accepted by the store, and if there’s ever a problem with an app, Apple can quickly remove it from the store.

— macOS – Security Apple (apple.com/macos/security)

Security-scanning app Adware Doctor once reached fourth on the Mac App Store’s list of top paid apps and first place in Top Paid Utilities, but now Adware Doctor has been removed from the Mac App Store — hours after WIRED published an article about the security problem and the sketchy and low quality features of the app.

MORE INFO BELOW ADS …




^^ MOBILE? USE VOICE MIC ^^

 facebook … 

GET ALERTS on Facebook.com/ArlingtonCardinal

GET ALERTS on Facebook.com/CardinalEmergencies

GET ALERTS on Facebook.com/ArlingtonHeightsCrime

Get updates from The Cardinal ALL NEWS FEEDS on Facebook. Just ‘LIKE’ the ‘Arlington Cardinal Page (become a fan of our page). The updates cover all posts and sub-category posts from The Cardinal — Arlingtoncardinal.com. You can also limit feeds to specific categories. See all of The Cardinal Facebook fan pages at Arlingtoncardinal.com/about/facebook …


Help fund The Cardinal Arlingtoncardinal.com/sponsor

A cybersecurity researcher, who goes by the Twitter name Privacy 1st (@privacyis1st) had already released a proof-of-concept (PoC) video detailing suspicious behavior in the app, and notified Apple.


Besides Apple, Privacy 1st also reached out to other cybersecurity experts. The researchers collaboratively and independently discovered that Adware Doctor collects data about its Mac users, particularly their browsing history and the user’s list of other software and processes running on their machine. Adware Doctor stored that data in a locked file, and periodically sent out the data to a server that was apparently located in China. The app’s behavior likely violated the App Store’s developer guidelines, but even after Privacy 1st notified Apple about the concerns weeks ago, the app had remained available on the Mac app store.

Mac security researchers Patrick Wardle of Digita Security and Thomas Reed of Malwarebytes independently investigated Adware Doctor as well.

Cybersecurity researcher Patrick Wardle reported that some suspicious apps are not removed by Apple for up to six months. Wardle tweeted on his Twitter account at 2:19 p.m. on Friday September 7, 2018 that he was “stoked” that Apple had removed Adware Doctor — “A Deceitful Doctor” in the Mac App Store.

Thomas Reed reported that his company Malwarebytes originally started tracking Adware Doctor under a different name in 2015, when it was called Adware Medic, which was also the name of a legitimate scanner Reed had developed. Malwarebytes notified Apple and the MacOS company removed the app. However, Reed explained that Adware Medic resurfaced in the App Store within days as Adware Doctor.

The developer name for Adware Doctor was documented YONGMING ZHANG, which coincidentally is the name of an infamous Chinese serial killer, who was convicted of killing 11 males between March 2008 and April 2012 in Nanmen village near Kunming, China.

 NEWS COVERAGE … 

WIRED | ONE OF MOST POPULAR MAC APPS ACTS LIKE SPYWARE

Objective-See | A Deceitful ‘Doctor’ in the Mac App Store

The Telegraph | Chinese ‘serial killer’ farmer suspected of killing 17 people