Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Mac App Store App 'Adware Doctor' Discovered Stealing User Browsing History [Update: Removed]

This shows the sad state of MacOS and its market share that it's more profitable for developers to write malware than real pro software or AAA games.
 
  • Like
Reactions: Stux and 5105973
Oh nowwwwww they remove it! Now that is has become public knowledge. Where were they a MONTH AGO?!
 
  • Like
Reactions: tkermit
macintoshmac said:
I used to think that gmail scans are good enough. Just a couple of months ago I received an email from a client long back, asking me if I would like to work again, and there was an attachment. My antivirus software flagged it down. I use Outlook 2016 on the Mac. The email was received from gmail, and I checked on the gmail website, Gmail allowed me to download that attachment - it was somehow not able to find anything wrong with it.

There are exceptions, and it is better to be safe than sorry. The client later on confirmed that somehow his account was hacked or something and it was spamming everyone on his list.
Click to expand...

Yes you are correct, it's better safe than sorry in some cases. I just prefer to stick to internet hygiene of "don't visit dodgy sites, don't download attachments unless you're expecting them, don't click on links in popups or emails that are suspect" and thus far I've been on the good side. Surely you would have noticed that the file they sent was an executable of some sort, and not a DOCX or PDF or whatever?
 
  • Like
Reactions: macintoshmac
Trusteft said:
Chinese software, who could have imagined it being a security issue!
Click to expand...

What is strange is that MAS users are paying to have their browsing data stolen. This company can probably sell ice to an Eskimo.
 
  • Like
Reactions: Stux
Jimmy James said:
Why does it always have to be a server in China?
Click to expand...

Because people only tend to notice it when it’s a server in China. Not saying there aren’t plenty to notice, but nationality isn’t really focused on when it’s from somewhere else.
 
brofkand said:
Yes you are correct, it's better safe than sorry in some cases. I just prefer to stick to internet hygiene of "don't visit dodgy sites, don't download attachments unless you're expecting them, don't click on links in popups or emails that are suspect" and thus far I've been on the good side. Surely you would have noticed that the file they sent was an executable of some sort, and not a DOCX or PDF or whatever?
Click to expand...

Of course, I maintain great internet hygiene. But the good thing is, the anti detected it as the mail was loaded, I had not even checked what attachments and file extensions are there. I do not need the anti, but just use it since it comes real cheap (ESET Cyber Security Pro cost me under USD30 for 3 years protection) and gives a little more peace of mind. :)
 
  • Like
Reactions: brofkand
Jimmy James said:
Why does it always have to be a server in China?
Click to expand...
Why do you even have to ask that question.

Seriously.
[doublepost=1536338819][/doublepost]
FrenchRoasted said:
Perhaps this is just confirmation bias, but every time I hear "China" and "Privacy" it isn't good. Also, why can't iOS have internal checks to tell you what apps are doing and what data they are accessing?
Click to expand...
Actually, it could; but most people would just click-through anyway.

I agree that's a lame excuse, though.

And I still like your tag-line!
 
polee said:
This is scary. How would we be able to protect ourselves from such infringements? Are there any safeguards around.
Click to expand...
ONE App in HOW many?

Now, let's trot on over to the Google Play Store and see what that number is...

https://nakedsecurity.sophos.com/20...-apps-removed-from-google-play-store-in-2017/

http://www.eweek.com/mobile/google-removes-145-malware-laden-apps-from-play-store

https://www.zdnet.com/article/phony...ound-distributing-malware-and-tracking-users/

https://www.express.co.uk/life-styl...lware-steal-data-Facebook-Twitter-Google-Play

et FREAKING Cetera...
[doublepost=1536339247][/doublepost]
justperry said:
As if the states is any better.:rolleyes:
Click to expand...
Yeah, as a matter of fact, we are.
 
luvbug said:
It's a Mac app, not an iOS app. There are tools that give performance metrics about disk and network activity, but how would the OS possibly monitor what Apps are doing at the file level? The system would be useless if the OS was constantly doing that level of monitoring, not to mention the OS has no concept of context, i.e. it doesn't know if files contain sensitive data or not.

Ultimately, Apple can only do so much to vet Apps in the App Store, Mac or iOS. Apple doesn't have the source code for each app, and that's the only way they can *really* discover everything the app is doing. Even if they did have source code, they couldn't possibly review every app (and every update to the app) simply because of the time and effort involved (think in terms of many months and many hundreds of skilled staff).
Click to expand...

A app called Little Snitch would do the job.
 
Logic368 said:
Why does the Mac App Store still exist? It only has ****** scam apps and nothing that you actually need. Furthermore, you’re supposed to trust the App Store, because it’s “curated”, but then this kind of stuff happens. It would be better if Apple simply posted a “Gallery” of apps, like they do for safari extensions.
Click to expand...
"This kind of thing" happens infrequently-enough (zero to two times per year on the iOS and Mac App Stores) that it is NEWS, whereas, back on the Google Play Store (which is ALSO supposedly "Curated"!), we have stuff like THIS (see linked articles) :

https://forums.macrumors.com/thread...y-update-removed.2135784/page-4#post-26424247
[doublepost=1536339729][/doublepost]
stevie grant said:
Don't worry. Apple will always do the right thing.

Eventually. Either under penalty of the law, or due to public shaming.
Click to expand...
Or, because it IS the right thing.

You forgot that one...
 
Wouldn't surprise me if the software was actually a plant by the US or even UK government... I'd be careful of VPN software also.
 
It's great to see Apple keep such high standards in their App stores. Yet another reason I continue to use, enjoy, and support Apple and their products.
 
luvbug said:
It's a Mac app, not an iOS app. There are tools that give performance metrics about disk and network activity, but how would the OS possibly monitor what Apps are doing at the file level? The system would be useless if the OS was constantly doing that level of monitoring, not to mention the OS has no concept of context, i.e. it doesn't know if files contain sensitive data or not.

Ultimately, Apple can only do so much to vet Apps in the App Store, Mac or iOS. Apple doesn't have the source code for each app, and that's the only way they can *really* discover everything the app is doing. Even if they did have source code, they couldn't possibly review every app (and every update to the app) simply because of the time and effort involved (think in terms of many months and many hundreds of skilled staff).
Click to expand...
There are tools, like Little Snitch, that CAN and DO monitor SPECIFIC macOS Network Activity:

https://www.obdev.at/products/littlesnitch/index.html

Never have heard any complaints about it "tanking" performance, BTW...
 
MacsRuleOthersDrool said:
ONE App in HOW many?

Now, let's trot on over to the Google Play Store and see what that number is...
<whataboutisms snipped>
Click to expand...
Other than deflecting from the topic, I fail to see how your post is helpful or informative or anything other than a desperate attempt to point the finger of blame towards anyone but Apple. Apple basically hosted malware in the MAS. They let it continue to propagate after the issue was brought to their attention. They only removed it after being publicly shamed.

Your response is to use all caps to point at Google. Seems appropriate. Mac owners must feel a lot better in a misery loves company sort of way. :rolleyes:
 
  • Like
Reactions: Okasian, VictorTango777, madrigal77 and 1 other person
69Mustang said:
Other than deflecting from the topic, I fail to see how your post is helpful or informative or anything other than a desperate attempt to point the finger of blame towards anyone but Apple. Apple basically hosted malware in the MAS. They let it continue to propagate after the issue was brought to their attention. They only removed it after being publicly shamed.

Your response is to use all caps to point at Google. Seems appropriate. Mac owners must feel a lot better in a misery loves company sort of way. :rolleyes:
Click to expand...
If it weren't 145,000 : 1, you might even have a debatable point; But it is, so you don't.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back