A popular app which supposedly stops malware on Mac computers has been found to be secretly harvesting the browser history of its users.
According to security researcher Patrick Wardle, Adware Doctor, the top paid utility in the Mac App Store, has allegedly been sending the collected data to a server in China.
Wardle was reportedly alerted by Privacy 1st, so he investigated the app to check what it was actually doing, 9to5Mac reports.
It was then he discovered that the app creates a password-protected archive called history.zip, which it then uploads to a server which he claims to be based in China.
When Wardle opened the zip file, he found that it contained browser history from Chrome, Firefox, and Safari.
Wardle revealed that the app’s developers exploited a loophole that allowed them to access that data despite Apple’s restrictions.
He noted that since Adware Doctor is given universal access by users when it is first run, it is able to access running processes on the Mac by simply working around obstacles that Apple has set in place for security.
When the discovery of its sneaky data collection made news, the server collecting the data was reportedly turned offline.
Wardle added that he notified Apple of his findings a month ago, and the app has been taken down from the App Store.
Based on its listing on the online store, the app was listed as the store’s No. 1 paid utility and the fourth-highest “Top Paid” software programs overall, just behind Final Cut Pro, Magnet and Logic Pro X.
Priced at $4.99, the app appeared to be a legitimate product as it was validly signed by Apple and had a lot of five-star reviews which may or may not have come from actual users.
Adware Doctor, which claimed to keep “malware and malicious files from infecting your Mac,” was earlier removed when it originally posed as Adware Medic, an actual malware app released by Malwarebytes (Malwarebytes for Mac).
However, it was able to return to the app store after it changed its name to Adware Doctor.