Stories
Slash Boxes
Comments

SoylentNews is people

Top MacOS App Exfiltrates Browser Histories Behind Users' Backs

posted by Fnord666 on Monday September 10 2018, @12:14AM   Printer-friendly
from the powned-again dept.

MrPlow writes:

Submitted via IRC for SoyCow0245

A top-grossing Apple App Store program called Adware Doctor is capable of sidestepping macOS security controls and surreptitiously copying a user's entire browser history. It then sends it to a China-based domain.

According to Patrick Wardle, chief research officer at Digita Security and founder of Mac security company Objective-See, Apple was informed of Adware Doctor's suspicious functionality last month, but has failed to take action.

[...] In a technical breakdown of the app Wardle points out that, as is with similar "security" tools, Adware Doctor needs legitimate access to user's files and directories in order to scan for malicious code.

"Once the user has clicked 'allow,' since Adware Doctor requested permission to the user's home directory, it will have carte blanche access to all the user's files," he wrote. This allows the app to detect and clean adware, but to "also collect and exfiltrate any user file it so chooses."

The scope of data collected by the app, such as the aforementioned browser histories, is beyond what's required for the app to work as advertised, he said. He also said that collecting "the user's browsing history seem[s] to be a blatant violation of the user's privacy (and of course Apple's strict Mac App Store rules)."

Source: https://threatpost.com/top-macos-app-exfiltrates-browser-histories-behind-users-backs/137247/

Original Submission

 
This discussion has been archived. No new comments can be posted.
Top MacOS App Exfiltrates Browser Histories Behind Users' Backs | Log In/Create an Account | Top | 16 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by c0lo on Wednesday September 12 2018, @03:53AM

    by c0lo (156) on Wednesday September 12 2018, @03:53AM (#733474) Journal

    Your criticism seems to be that 1 month is unacceptable for a global company with potentially many requests and false positives in their queue.

    My criticism is that a malware (not a vulnerability) needs to be at least warned to the users in any software ecosystem in the shortest time.**
    Any attempt to reinterpret this one is just a slide on a strawman argument path.

    What happens after the warning is another topic.
    If Apple needs more time to take make their mind in regards with their decision, their choice and and their responsibility to their paying customers.

    My criticism of the researcher is the lack of patience.

    "Snowflake millenial" doesn't sound to me as criticism. But again maybe it's only me.

    ---
    ** Imagine how the world would be if the latest WannaCrypt was subject to "Well, hey, let's see. How about we fiddle our fingers perform the due analysis for about a month and will get back to you. In the mean time, shush, don't say a word"

    --
    https://www.youtube.com/watch?v=aoFiw2jMy-0
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2