
Watch out if using "Adware Doctor"!

DXman

Top macOS utility app, Adware Doctor, secretly sends browsing history to China
Apple still hasn't removed it from the Mac App Store
By David Matthews on September 7, 2018, 12:23 PM

WTF?! An application in the Mac App Store has been found to exfiltrate a user's browsing history to a Chinese server without the user's permission. This undermines the entire premise of the App Store as a safer way to install applications as well as Apple's stance on privacy and security.

The most popular utility app in the Mac App Store, Adware Doctor, has been discovered to capture a user's browsing history and exfiltrate it to a Chinese server.

The behavior was first discovered by Twitter user @privacyis1st who then contacted Patrick Wardle, a former hacker at NSA and current chief research officer at startup Digita Security. Wardle subsequently did a comprehensive deep dive on the rogue app to discover exactly how it works and posted his findings on his blog.

Top Sold MacOS AppStore application is ROGUE. Adware Doctor is stealing your privacy. PoC: https://t.co/LmveX593q0 #malware #virus #MacOS #Apple #MacBook #MacBookPro #CyberSecurity #privacy #GDPR #Hacking #hackers #cyberpunk #Alert

— Privacy 1st (@privacyis1st) August 20, 2018

According to Wardle, the app first asks for universal access in order to run. That might sound creepy by itself but most malware/virus scanners need access in order to scan your system. However, Adware Doctor was able to access running processes (normally protected by sandboxing) by using Apple's own code:

"It’s (likely) just a copy and paste of Apple’s GetBSDProcessList code (found in Technical Q&A QA1123 “Getting List of All Processes on Mac OS X”). Apparently this is how one can get a process listing from within the application sandbox! I’m guessing this method is unsanctioned (as it clearly goes against the design goals of sandbox isolation). And yes, rather amusing the code Adware Doctor uses to skirt the sandbox, is directly from Apple!"

The app creates a file called 'history.zip' and uploads that file to a server based in China. Unpacking the zip file reveals the browsing history of all the browsers you have installed including Safari. Additionally, the app also captures data from all the apps you've downloaded.



Despite being a "popular" app, Adware Doctor has quite the checkered past. For example, it has blatantly violated App Store rules by attempting to elevate privileges in 2016 by using AppleScript. It was also caught using the name "Adware Medic" which was already being used by an existing app at the time. Apple pulled it from the Mac App Store only to reinstate it once the name was changed to the current Adware Doctor. Also, Wardle points out that many of the good reviews are likely fake in an effort to attract more users.

What's most alarming is that despite being notified about this a month ago, Apple has still refused to take action on an application that clearly violates privacy. Apple openly promotes both the Mac and iOS App Stores as the safest way to install applications specifically to avoid rogue applications like Adware Doctor. Presumably, every app is reviewed before it's allowed in the store and when there are issues, Apple is usually quick to remove it.

While the app itself is still available, the server itself is down (probably due to this revelation). On a positive note, Wardle's in-depth reverse engineering of the app is quite the lesson in cyber-security.
 

This is not surprising, China has done this with everything industry. They have been thieves for so long. Reverse engineering to make cheap products. Proves a socialist/ communist has no ability for original thought or motivation to invent. Only rob others. Lazy thieving little weasels.
 
I’m a fanboy, I’ll admit it. It doesn’t surprise me though, Apple is quick to snatch something down in the App Store if it’s a Chan app or something like that. Amazes me though that they leave up crap like this, amazing.

I don’t use that on my Macs so it doesn’t affect me luckily but I hate it for those who have used it.
 
This is not surprising, China has done this with everything industry. They have been thieves for so long. Reverse engineering to make cheap products. Proves a socialist/ communist has no ability for original thought or motivation to invent. Only rob others. Lazy thieving little weasels.

China is not a socialist country, it is a communist country.
I have survived over 60 years without a smart phone.
 
In China it's a way of life. They've built entire cities on the premise of "If You Build It They Will Come".

They've followed Russia, Hong Kong (ROC), Taiwan, California even Detroit - just some examples; for concepts, failures, deployments, infrastructure - logistics - all that is needed to sustain an industry - its supply ring - parts. How it's all kept, made nearby, ready to fulfill and even look ahead to see changes in the way the world works - in efforts to reduce transportation and re-tooling costs.

We're teaching them how to do it.

They feel it's important to "strong arm" industries (Steel and Semiconductor are two examples) so they can outpace the competition in production - does not mean quality - it is a communist regime with socialist ties to other countries to provide for and be supplanted with - resources they've tied and bound to keep to themselves. Their roots and moral values run deep - think of Chernobyl as a good moniker for this type of approach - Energy Industry - Enron - is another - a lot of mistakes were made in the chain of command - not just for profit, but to gain world dominance.

It makes me shudder to think our CB radio industry or radio or communication in itself, can be held hostage to the whims and demands of so few companies that have strong ties to regimes that would rather see us eliminated.

IMO - to them Quality is a relative term - if everyone builds to a standard, then quality is maintained thru uniformity - all of us know that, in using this approach, it is not always the best approach.
 
Handy Andy,
I do love to read your posts. You absolutely have the ability to explain things attached with facts. I work in Petro-Chem Construction, and can relate to the Steel Ind. dominance that China has. The quality just sucks. Tensile integrity and consistency of their product is deplorable. Only a few Steel Fab. Mills available here in the US that actually produce seamed piping. None that produce seamless, all are abroad. I agree with the tariffs being imposed by the US on imports.......why pay for junk iron. Why should we pay them for High Priced Junk Iron, I've had to weld a lot of that crap. It will just blow out, wash out, drop out, create stress cracks while cooling due to the inconsistent metallurgy. Which costs time and money to "Do Over" because someone bought "the cheap shit", resulting in paying hundreds of $$$'s to save a dime. And this crap is all over the chemical plants throughout the US.
 
When a company moves to China, it doesn't physically move. They hire a company in China to make the product and the Chinese government owns half the company. The American factory gets dismantled and recycled because the Chinese company can only have new equipment. The American company then has to give the technology and trade secrets to the Chinese company and government. The American company can't keep track of the day to day activities like quality, they are forbidden. And then boat loads of unusable product arrives at the port and bankrupts the American company.
A few years ago, Apple found out that there were eight Apple stores in China that they did not know about. Apple did not even know where these stores were getting the product that was being sold.....
When the Clintons hatched the plan of the US being a service economy, most people didn't know that Hillary was on the board of directors for Walmart.......
End rant.
 
All of this in the name of Free Trade...

In doing so, we have lost our edge in proprietary technology because that is what kept us from being eliminated is the very reasons we're now losing our edge as a world power. Others are building the platforms we enjoy as convenience and entertainment. It is now become, the way we have leveled the playing field - by sheer demand for entertainment and fun at low-cost.

Maybe we need to realize the issues surrounding the Open Market - and how it cost us our jobs we thought we were safe from being "downsized" from. But in doing so, allowed other countries to obtain a level of credit that was not available before

MAD meant what it is - Mutually Assured Destruction. - only now the very pillars our society is based upon is under attack by terrorist acts of treason by selling off our own property because another foreign entity is allowed to buy it and make it their own - they essentially establish a masthead on our soil in their name.

Ok, not to bite the hands that feed us, but look at all the techs out there that post on YT their vids, vying for your dollar - streamed to you on a platform that at one time was purposely, intentionally limited in access and bandwidth for consumers in order to protect our technology (encryption as well as generational Legacy platforms) we as consumers were held back due to Patent and Copyright for the purposes of National Security. (IBM Open Architecture versus APPLE Intel versus AMD) Until the bottom dropped out and we got caught with our pants down....

All those other countries, Vietnam to Russia, Poland to Rwanda (if it still exists) - are taking our trash - sifting thru it to find nuggets. And in doing so - we essentially threw them our garbage - and we're now eating - feeding our desires - using stuff they built from it.

On top of that - we're showing them how to make it more easily modifiable so not only can we be able to enjoy it more readily because it's easier to do so, and cheaper to own. It's reciprocal - others that don't like us, can do the very same things to jam it down our throats.

We've already found USB devices "phone home" when they connect to a device and are discovered.

BT technology is the same way - until you "lock" your pairing - you are visible and even if they can't utilize/hijack it, the unique ID the devices you and the BT - have - are now traceable - Xfinity does this all the time. It has "hot spots" to help their service techs solve and translate their network issues. ATT shares their data over their network and vice versa - even AirCrack is a method to locate and enter into wireless networks. Even hidden, for all they need to know - is your wireless id.

If someone was pissed enough - either via government or underground "dark web" - the right keys in the wrong hands - you, me - we're all done.

Want to see something scary, look under settings on your phone's security - look at the routings and certificates used and their roots - its addresses are not exactly on our shores - ok? They are encrypted routes but their root locations are shocking to see us wind up having our home photos and music stored thru gateways in those locations.
 
