In the wake of recent revelations from privacy advocates around the web, the Mac App Store's highest grossing utility app Adware Doctor has been removed by Apple. Security company Malwarebytes said it has been monitoring the behavior of its developer Yongming Zhang since 2015, and its report on Friday sent shockwaves that led to Apple choosing the nuclear option.
According to security researcher Patrick Wardle, Adware Doctor was doing a little bit more behind the scenes than scanning your Mac for malware.
Its extra-curricular activities included scooping up all the browsing history in all the web browsers you use on your Mac, reporting all running processes (basically, all programs and operating system components that are running in the foreground and background), plus generating a list of all the Mac apps you've downloaded and where you got them from.
According to Wardle, all of this data was then quietly rolled up and sent to Yongming Zhang in China.
At the same time, noted security vendor Trend Micro had several of its apps pulled from the Mac App Store as well, as the search expanded to similar apps available there.
Trend Micro enters the fray
When you hear about a security app secretly spying on users or otherwise engaging in other privacy shenanigans, it often looks sketchy from the get-go, and we just roll our eyes and say, "You should have seen that coming." But on top of the revelations about Adware Doctor, the respected security company Trend Micro was also accused of unauthorized collection and transmission of user data in several of its apps on the Mac App Store.
Of particular concern was a "snapshot" feature, which takes the last 24 hours of your web browser history and sends it to Trend Micro for security analysis. Before the brouhaha unfolded, this feature was present in Dr. Cleaner, Dr. Cleaner Pro, Dr. Antivirus, Dr. Unarchiver, Dr. Battery, and Duplicate Finder.
It was apparently Yongming Zhang's abuse of a feature like this in its Adware Doctor that led to the investigation and eventual removal from the Mac App Store. Trend Micro says that the snapshot feature is not present in the Windows or enterprise versions of its products.
In a terse statement, Trend Micro pointed out that the snapshot feature is highlighted during regular operation of the desktop app, and users are asked permission to transmit the one-time-only snapshot to Trend Micro.
The company also asserts that this data was sent only to an Amazon Web Services server located in the United States, not China as was apparently the case with Yongming Zhang's Adware Doctor. Trend Micro added it will be removing the feature from the apps that had it.
FOLLOW Download.com on Twitter for all the latest app news.
That said, trust is the currency of security software, and it appears that some users were not aware of the potential privacy implications.
Given the mish-mash of standards that the world applies to encrypting or anonymizing your user data in the cloud -- neither of which Trend Micro touches upon in its statement -- it's hard to blame Apple for pulling Trend Micro's apps from its Mac App Store, despite the track record that the Japanese security company has established over the years. In the security world, the appearance of impropriety can be as bad as hard evidence.
Either way, removal by Apple isn't necessarily a death knell. In October 2016, the company removed the developer tool Dash from the app store over concerns about the validity of its user reviews, even going as far as canceling the Apple developer account.
However, when the app's maker applied for a new account and re-submitted the iOS version of Dash in May 2017, both he and the app were cleared without any issues, though the MacOS version of Dash remains exclusively sold on the Dash website.
Adware Doctor itself has been removed from Apple's app stores multiple times, but Malwarebytes says that it keeps resurfacing under different names. Maybe this time it will be gone for good.
- Adware Doctor, the highest-grossing utility on the Mac App Store, was removed over the weekend because of privacy concerns. Separately, security vendor Trend Micro had several of its apps removed that featured some of the behavior of the Adware Doctor app.
- When an app requests permission to transmit your user data to a server on the Internet, it's important to make sure that the app developer has a solid track record, which Adware Doctor's developer Yongming Zhang did not.
- Dashlane's new Inbox Security Scan can check your emails for malware
- Android malware Sonvpay secretly charges you premium text message fees
- Fortnite malware aimed at cheaters infects tens of thousands of devices
- Fortnite's battle royale with Android security problems is just getting started (CNET)
- Schneider Electric may have shipped USB drives infested with malware (ZDNet)
- How AI-powered malware uses facial recognition technology (TechRepublic)