Apple’s unsafe Mac App Store is simply inexcusable

adware doctor mac app store

(in)Secure is a weekly column that dives into the rapidly escalating topic of cybersecurity.

Mac fans haven’t felt the love from Apple lately, but the problems go beyond a lack of new products. It’s become a matter of security.

A string of recent reports has shown certain apps in the Mac App Store were stealing data without user knowledge. These apps were supposedly vetted by Apple, and were popular, frequently-downloaded apps on the Mac App Store. Users had no reason to suspect the apps were malicious.

People’s trust in Apple has left them vulnerable, and it’s time Apple addressed it.

An app store legacy

The success of the iPhone has a lot to do with the app store’s curation. Each app available on iOS has an implied seal of approval from Apple. If you can download an app on your iPhone, it can be trusted. It’s safe. It’s a stark contrast from the Google Play store, which isn’t nearly as rigorous.

Adware Doctor app
Adware Doctor app

Much of the iOS App Store’s credibility has carried over to the Mac App Store, but apparently, it’s not deserved. As reported by ThreatPost, an app called Adware Doctor has been copying people’s browsing history from Chrome, Firefox, and Safari, and sending it off to a China-based domain, for currently unknown purposes. The app requests access to several questionable functions, though because of the trust people have put in the highly-rated app, they often approve the access.

Adware Doctor was in the number four spot in the “Top Paid” app list, right behind first-party software like Final Cut Pro.

The app was able to pass through the security controls of MacOS undetected, pull sensitive browsing history data, and download it as a zip archive. That flies in the face of Apple’s own data privacy policies. Of course, security breaches happen. That’s something every software company in the world deals with. The real problem is Apple’s failure to quickly remove the app.

The data theft was noted first by Patrick Wardle, founder of Mac security company Objective-See. According to him, Apple had been alerted about the suspicious app a month ago, and at the time of going public with his findings, had failed to take action.

Adware Doctor wasn’t just a small app that snuck through the fence. As ThreatPost points out, the app was listed in the number four spot in the “Top Paid” app list, right behind first-party software like Final Cut Pro. It was listed with endless five-star reviews, which were no doubt fake. It’s not hard to imagine why people would trust an app with such a high profile.

While Adware Doctor has since been removed, it took widespread media coverage for Apple to protect Mac owners who were actively having their data stolen. Apple’s failure to act quickly breaches the trust owners have put in Apple’s store.

It’s not just a few oddballs. It’s a trend

Adware Doctor isn’t the only app that’s been caught. In fact, an entire suite of apps from Trend Micro has been flagged for capturing the same data. That includes Dr. Antivirus, Dr. Cleaner, Dr. Unarchiver, and App Uninstall. Trend Micro initially denied the findings, but has since removed all such functions from the apps in attempts to get back into Apple’s good graces.

How could an app like this pass muster to begin with?

Malwarebytes said it has “taken as long as six months for a reported app to be removed.”

As it turns out, Adware Doctor was first accepted by Apple under the name of Adware Medic, which just happened to share its name with AdwareMedic app, a legitimate piece of software run by Malwarebytes. Trend Micro’s app was then removed, only to be re-accepted as Adware Doctor.

Not only did Apple approve an unsafe app, it approved it masquerading under the name of a proper app. That’s hardly top-tier espionage. If Apple could fall for that, what else might’ve pass by undiscovered?

Malwarebytes has been looking into that issue for years and reporting the appearance of junk software in Mac App Store. According to Malwarebytes, it’s sometimes “taken as long as six months for a reported app to be removed.”

With Apple’s renewed focus on the App Store in MacOS Mojave, we can only hope it takes back responsibility for cleaning up its mess. Yet with Apple’s attention squarely on iOS, we’re not getting our hopes up. If security isn’t a good enough reason to remember the Mac, then what is?

Product Review

The MacBook Air plays the oldies we love, but the band is getting old

We’ve waited for a long time for an update to the MacBook Air, and Apple finally delivered one. With a lot of features ported over from the MacBook Pro, is this new laptop what Apple fans have always wanted?
Mobile

Google’s storage-management app gets face-lift, is now called ‘Files by Google’

Google has revamped its files management app with a new look and name. Now known as Files by Google, the app received the company's all-white material redesign -- offering the same functionality, but with a cleaner look.
Computing

These 30 useful apps are absolutely essential for Mac lovers

There are literally hundreds of thousands of great software programs compatible with MacOS, but which should you download? Look no further than our list of the best Mac apps you can find for the latest MacOS and how they can help out your…
Mobile

How to remove Android malware from your phone or tablet

Did you download an infected app? You need to remove Android malware as soon as possible. Here's the process to uninstall, along with some recommendations on how to safeguard your phone.
Computing

If you've lost a software key, these handy tools can find it for you

Missing product keys getting you down? We've chosen some of the best software license and product key finders in existence, so you can locate and document your precious keys on your Windows or MacOS machine.
Computing

Mozilla’s built-in price-tracking extension makes it easy to shop with Firefox

Mozilla has heard those worries about Black Friday shopping, and is now introducing a new set of experimental extensions which aim to make it easier to find the best deals online.
Computing

Ray tracing not an option until it comes to all graphics cards, says AMD

Although Nvidia already supports the ray tracing feature on its high-end new GeForce Turning series of chips, AMD seemingly hinted it doesn't feel like ray tracing is ready until it comes to all level of graphics cards. 
Computing

Buying a laptop on Black Friday? Don't make one of these rookie mistakes

Shopping for a laptop on Black Friday can win you some excellent deals, but you should also avoid making common mistakes. Check out what to avoid when buying a laptop for Black Friday and what danger signs to be wary of.
Computing

The Mac mini's price has crept into iMac territory. So how do they compare?

Apple announced a long-awaited update to the Mac mini. Thanks to the updated specs and increase in price, it's begun to creep up to the base model iMac. In this guide, we now put up the specs on the newest refreshed Mac mini against the…
Computing

Our favorite Windows apps will help you get the most out of your new PC

Not sure what apps you should be downloading for your newfangled Windows device? Here are the best Windows apps, whether you need something to speed up your machine or access your Netflix queue. Check out our categories and favorite picks.
Computing

Turn your desk into a command center with the best ultrawide monitors

Top of the line ultrawide monitors have the deepest curves, the sharpest colors, and the biggest screens on the market today. You’re going to want one, sooner or later. So why not sooner? These are the best ultrawide monitors you can buy…
Computing

Best Buy is offering the Google Pixelbook for just $699 on Black Friday

Best Buy's steep $300 price cut on the Pixelbook this holiday represents one of the best prices we've seen on Google's premium Chrome OS hardware. The Pixelbook will be priced at just $699.
Computing

Will Chrome remain our favorite web browser with the arrival of newest version?

Choosing a web browser for surfing the web can be tough with all the great options available. Here we pit the latest versions of Chrome, Opera, Firefox, Edge, and Vivaldi against one another to find the best browsers for most users.
Computing

AMD Navi: Everything you need to know

With a reported launch in 2019, AMD is focusing on the mid-range market with its next-generation Navi GPU. Billed as a successor to Polaris, Navi promises to deliver better performance to consoles, like Sony's PlayStation 5.