Hi Philippe & WAMUG members,

Have a read of this article on the subject
https://blog.malwarebytes.com/threat-analysis/2018/09/mac-app-store-apps-are-stealing-user-data/?utm_source=twitter&utm_medium=social&utm_campaign=q2fy19

Cheers,
Ronni

 Ronni Brown’s iPad Pro 12.9-inch 256GB 


> On 8 Sep 2018, at 11:49 am, Ronda Brown <ro...@mac.com> wrote:
> 
> Hi Philippe,
> 
> I would still recommend purchasing your Apps from the Mac App Store.
> It’s fairly rare that Apple let a bad app slip through.
> 
> Malwarebytes that I’ve recommended on WAMUG many times were very quick to 
> issue a fix for removal of the rogue App ‘Adware Doctor’.
> 
> Cheers,
> Ronni
> 
>  Ronni Brown’s iPad Pro 12.9-inch 256GB 
> 
> 
>> On 8 Sep 2018, at 10:54 am, Philippe Chaperon <laut...@bigpond.com> wrote:
>> 
>> Good morning All, 
>> 
>> Thank you for this important warning Ronni. I buy 99% of my applications 
>> from the Mac App Store thinking it is the safest place to buy software and 
>> now this warning is ringing bells of alarm in my brain. What worries me is 
>> that it is taking so long for Apple to act. 
>> 
>> That said I still consider it best to buy from the App Store. 
>> 
>> Regards, 
>> 
>> Philippe C.
>> 
>> On 8 Sep 2018, at 8:06 am, Ronda Brown <ro...@mac.com> wrote:
>> 
>> 
>> https://techcrunch.com/2018/09/07/a-top-tier-app-in-apples-mac-app-store-will-steal-your-browser-history/?utm_campaign=website&utm_source=sendgrid%20email&utm_medium=email
>> 
>> A top-tier app in Apple’s Mac App Store stole your browser history
>> 11 hours ago
>> 
>> A popular top-tier app in Apple’s Mac App Store was found pilfering browser 
>> histories from anyone who downloads it.
>> 
>> Yet still, at the time of writing, the rogue app — Adware Doctor — stands as 
>> the No.1 grossing paid app in the app store’s utilities categories. But 
>> Apple was warned weeks ago and did nothing to pull the app offline.
>> 
>> Now it seems Apple has pulled the app. Apple would not comment on the record.
>> 
>> Apple’s walled garden approach to Mac and iPhone security is almost entirely 
>> based on the inability to install apps outside the app store, which Apple 
>> monitors closely. While it’s not uncommon to hear of dangerous apps slipping 
>> into Google’s Play store, it’s nearly unheard of for Apple to face the same 
>> fate. Any app that doesn’t meet the company’s strict security and sometimes 
>> moral criteria will be rejected, and users won’t be able to install it.
>> 
>> This app promises to “keep your Mac safe” and “get rid of annoying pop-up 
>> ads” — and even “discover and remove threats on your Mac.” But what the app 
>> won’t tell you is that for just a few bucks it’ll steal and download your 
>> browser history — including all the sites you’ve searched for or accessed — 
>> to servers in China run by the app’s makers.
>> 
>> Thanks in part to a video posted last month on YouTube and with help from 
>> security firm Malwarebytes, it’s now clear what the app is up to.
>> 
>> Security researcher Patrick Wardle, a former NSA hacker and now chief 
>> research officer at cybersecurity startup Digita Security, dug in and shared 
>> his findings with TechCrunch.
>> 
>> Wardle found that the downloaded app jumped through hoops to bypass Apple’s 
>> Mac sandboxing features, which prevent apps from grabbing data on the hard 
>> drive, and upload a user’s browser history on Chrome, Firefox and Safari 
>> browsers.
>> 
>> Wardle found that the app, thanks to Apple’s own flawed vetting, could 
>> request access to the user’s home directory and its files. That isn’t out of 
>> the ordinary, Wardle says, because tools that market themselves as 
>> anti-malware or anti-adware expect access to the user’s files to scan for 
>> problems. When a user allows that access, the app can detect and clean 
>> adware — but if found to be malicious, it can “collect and exfiltrate any 
>> user file,” said Wardle.
>> 
>> Once the data is collected, it’s zipped into an archive file and sent to a 
>> domain based in China.
>> 
>> Wardle said that for some reason in the last few days the China-based domain 
>> went offline. At the time of writing, TechCrunch confirmed that the domain 
>> wouldn’t resolve — in other words, it was still down.
>> 
>> “Let’s face it, your browsing history provides a glimpse into almost every 
>> aspect of your life,” said Wardle’s post. “And people have even been 
>> convicted based largely on their internet searches!”
>> 
>> He said that the app’s access to such data “is clearly based on deceiving 
>> the user.”
>> 
>> Apple was contacted weeks ago. The email it responded with, in not so many 
>> words, said “we can’t tell you anything,” but forwarded the feedback.
>> 
>> A meagre $4.99 for the app may not seem much to the average user, but it’s a 
>> heavy price to pay for having the app steal your browser history — which 
>> users will never get back. And given that Apple makes a 30 percent cut of 
>> every purchase of this popular app, there isn’t much financial incentive to 
>> withdraw the app from the store.
>> 
>> Updated at 9:05am PT: with confirmation that the app has been pulled.
>> 
>> 
>> 
>>  Ronni Brown’s iPad Pro 12.9-inch 256GB 
>> 
>> -- The WA Macintosh User Group Mailing List --
>> Archives - <http://www.wamug.org.au/mailinglist/archives.shtml>
>> Guidelines - <http://www.wamug.org.au/mailinglist/guidelines.shtml>
>> Settings & Unsubscribe - 
>> <http://lists.wamug.org.au/listinfo/wamug.org.au-wamug>
>> 