Apple Removes Top Security Tool for Secretly Stealing Data

Apple Removes Top Security Tool for Secretly Stealing Data (Sep 10, 2018)

The top rated paid utility application on the Mac App Store, “Adware Doctor,” has been removed by Apple after security researchers found that the application was surreptitiously stealing browser data. The stolen data was observed being sent to AWS servers that were administered by an individual in China. This discovery is troubling because Adware Doctor, prior to its removal from the App Store, was on top of the paid utility list boasting a 4.8 star rating with over 7,000 user reviews.

Recommendation: Mobile applications should only be downloaded from official locations such as the Google Play Store and the Apple App Store. Websites and documents that request additional software is needed in order to access, or properly view content should be properly avoided. Additionally, mobile security applications provided from trusted vendors are recommended. Furthermore, this story shows the potential of malicious applications bypassing the security measures of application stores and therefore it is crucial that all permissions of an application be examined prior to download.

Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.