Apple has removed a popular Mac application after it was discovered that it was stealing user data.
The application, called Adware Doctor, was registering the users' application data and browser history and sending them to servers in China.
Before its extraction, Adware Doctor was the number one payment tool in Apple's Apple App Store.
Scroll down to watch the video
Apple has removed a popular Mac application after it was discovered that it was stealing user data. The application, called Adware Doctor, was registering users' data and history and sending it to servers in China.
WHAT IS SANDBOXING?
Apple has a strict research process for the applications that can appear in your App Store.
It uses a practice called & # 39; sandboxing & # 39; to add an additional layer of security between users' systems and the applications they download.
Sandboxing prevents applications from accessing data on a user's hard drive, such as any software they have downloaded, as well as their browsing history.
Adware Doctor, which cost $ 5, was described as an application designed to "prevent malware and malicious files from infecting your Mac."
The problems were first detected by the security researcher and former NSA hacker, Patrick Wardle.
Wardle detailed the application's flaws in a blog post last month, but Apple has just removed the application today.
For many, the application hardly seemed suspicious, having received more than 7200 ratings, many of which gave it five stars.
It was also included along with other accredited utility applications such as Final Cut Pro and Logic Pro X.
Once the users downloaded the application, they requested high-level access to their system files and the home files directory.
This is not particularly unusual for software that scans for malware or other malicious code.
For many, the application hardly seemed suspicious, having received more than 7200 ratings, many of which gave it five stars. It was included in the list along with other useful applications such as Final Cut Pro and Logic Pro X
But the application took those permissions one step further by collecting a user's browsing history, a list of other programs, and all the applications they downloaded.
Adware Doctor then stored that data in a folder that is periodically compressed and sent to a server in China.
In doing so, he was able to bypass the typical protections of sandboxing & # 39; Apple, which separates the applications of a user's operating system.
"When an application runs within a limited environment, it is limited by the files or user information it can access," Wardle explained.
The problems of Adware Doctor were detected for the first time by the security researcher Patrick Wardle. Wardle detailed the flaws of the application last month, but Apple has just removed the application today
& # 39; For example, an isolated space application from the Mac App Store should not be able to access the user's sensitive browser history. But Dr. Adware clearly found the way.
Since the publication of the blog was published, the server in China seems to have decreased.
Apple has not yet issued a statement about the removal of Adware Doctor from the Mac App Store.