Browse the web more safely. Stop seeing annoying ads in Safari. AdBlock One for iOS & Mac. PC cleaner & tuneup utility. Cleaner One Pro for Windows.(This is referred to as exfiltrating the data.) Some of this data is actually being sent to Chinese servers, which may not be subject to the same stringent requirements around storage and protection of personally identifiable information like organizations based in the US or EU. Several security researchers have independently found different apps that are collecting sensitive user data and uploading it to servers controlled by the developer. There is a concerning trend lately in the Mac App Store. Unarchiver One for Mac & Windows.
Portable Spot Cleaner quantity. Our powerful motorised hand tool quickly tackles stains deep within your carpets, car interior, upholstery and fabrics. The Portable Spot Cleaner is the solution to nightmare carpet stains. The apps in question were collecting users browser history. Antivirus, and Dr Unarchiver. Dr Cleaner Usa Free Shipping AndAt that time, we discovered an app on the App Store named Adware Medic—a direct rip-off of my own highly-successful app of the same name, which became Malwarebytes for Mac. The developers found a loophole that allowed them to access that data despite Apple’s restrictions.The developer of this app is one that we at Malwarebytes have had our eye on since 2015. In the case of the list of running processes, the app had to work around blockages that Apple has in place to prevent such apps from accessing that data. A list of software that you have downloaded and from whereMost of this is data that App Store apps should not be accessing, much less exfiltrating. Free shipping and returns on all MAC Cosmetics orders. Patrick Wardle has recently posted an article detailing the misbehavior of an app named Adware Doctor, which is exfiltrating the following data:Shop MAC bestsellers to discover the best lipsticks and most popular makeup that MAC has to offer. This seemed like an abuse of an affiliate program for that product.It turned out that this app’s behavior was very similar to the current behavior of Adware Doctor. The typical behavior is that, when the user opens an unfamiliar file, this app (and others like it) opens and promotes some antivirus software for scanning the file or the computer, often telling the user that they might be unable to open the file because they are infected.Interestingly, this software was designed to promote a what appeared to be a mainstream antivirus product. We’ve seen a number of different scam applications like this, which hijack the system’s functionality for handling documents that the user does not have an appropriate app to open, as a means for advertising other products…most often scams. Open Any Files: RAR SupportThis app came onto our radar late last year. It was eventually removed, but was replaced soon after by an identical app named Adware Doctor.We’ve continued to fight against this app, as well as others made by the same developer, and it has been taken down several times now, but in a continued failure of Apple’s review process, is always replaced by a new version before long. ![]() But it is very hard to argue to exfiltrate the entire browsing history of all installed browsers regardless of whether the user has encountered malware or not. Antivirus.)It could be argued that it is useful for antivirus software to collect certain limited browsing history leading up to a malware/webpage detection and blocking. (See a short excerpt from the file below, showing only the information listed for Dr. Wd security app for macWHOIS records identified an individual living in China, and having a foxmail.com email address, as being the registered owner of the domain. There is really no good reason for a “cleaning” app to be collecting this kind of user data, even if the users were informed, which was not the case.Interestingly, we found that the drcleanercom website was being used to promote these apps. Cleaner, minus the list of installed applications. We observed the same data being collected by Dr. CleanerUnfortunately, other apps by the same developer are also collecting this data. In some cases, we’ve seen offending apps removed quickly, although sometimes those same apps have come back quickly (as was the case with Adware Doctor). This is not new information, but these issues reveal a depth to the problem that most people are unaware of.We’ve reported software like this to Apple for years, via a variety of channels, and there is rarely any immediate effect. I’ve been saying this for several years now, as we’ve been detecting junk software in the App Store for almost as long as I’ve been at Malwarebytes. Worse, even if you don’t give it access, it may find a loophole and get access to sensitive data anyway.If you download one of these apps and are now regretting it, you can report the app to Apple:Thanks go to folks who have spent their spare time finding and poking at these applications over the last year: PeterNopSled (from the Malwarebytes forums), and Patrick Wardle. A free app from the App Store may seem perfectly innocent and harmless, but if you have to give that app access to any of your data as part of its expected functionality, you can’t know how it will use that data. Be cautious of what you download. Case in point…all of the above.I strongly encourage you to treat the App Store just like you would any other download location: as potentially dangerous.
0 Comments
Leave a Reply. |
AuthorDavid ArchivesCategories |