• Home
  • News
  • Malicious Apps in Mac App Store Sending Data Back to Developers

Malicious Apps in Mac App Store Sending Data Back to Developers

Malicious Apps in Mac App Store Sending Data Back to Developers

Numerous apps available in the Mac App Store have been found to be stealing data from users, including sensitive information and sending it back to the apps’ developers. The rash of discoveries occurred following the revelation that the top paid utility app in the store was improperly harvesting user data.


The biggest app of the list is Adware Doctor, which topped the chart for paid utilities in the Mac App Store, before being removed after the reports about it first emerged on Friday. The app claims to remove adware threats from a Mac, including extensions and cookies in browsers, but Patrick Wardle advises the “cleaning” process involves collecting the browsing history of the user, as well as a list of all running processes, and a list of software downloaded to the Mac. 

Following that incident, researchers found other Mac App Store apps sending data back to servers without their users’ knowledge or consent. Despite the apps’ malicious intent, they managed to get past the stringent app submission process.

MalwareBytes reports that, in some cases, the data is dispatched to servers in China, a country that doesn’t require the same stringent storage requirements as the United States or European countries for personal data. In cases like these, it is highly likely the data is being used for malicious purposes. 

The apps found ways to get around the restrictions Apple put in place to prevent apps from accessing data they did not have permission to access.

Adware Doctor is a clone of a legitimate app that was from the developer of MalwareBytes for Mac. While the app was removed form the App Store, it returned under another name. MalwareBytes has been in an extended battle to keep clones of the app from the Mac App Store.

Other apps that perform similar underhanded functions include “Open Any Files,” “Dr. Antivirus,” and “Dr. Cleaner.” All of the apps harvested information including the browsing and search history of the Safari, Chrome, and Firefox browsers.

The discovery of these apps calls into question the safety of apps found in the App Store, and whether or not Apple can actually keep users safe by reviewing the apps before they make it into the App Store.

Also questionable is the apparent ability of developers to bring questionable apps back into the store after they’ve been blocked from the Mac App Store.

MalwareBytes suggests the following:

I strongly encourage you to treat the App Store just like you would any other download location: as potentially dangerous. Be cautious of what you download. A free app from the App Store may seem perfectly innocent and harmless, but if you have to give that app access to any of your data as part of its expected functionality, you can’t know how it will use that data. Worse, even if you don’t give it access, it may find a loophole and get access to sensitive data anyway.

If you download one of these apps and are now regretting it, you can report the app to Apple: