A Mac adware tool called Adware Doctor, which was the number one paid utility in the Mac App Store until Apple recently removed it, was stealing your data and sending it to China (via Threatpost).
[Apple Updates App Store to Remove iPhone Antivirus Apps]
Mac Adware Tool
Security researcher Patrick Wardle said that Apple knew about Adware Doctor’s suspicious function last month, but only removed it today. The app was able to circumvent macOS’s security controls, steal your browsing history, and send it to Chinese servers:
Once the user has clicked ‘allow,’ since Adware Doctor requested permission to the user’s home directory, it will have carte blanche access to all the user’s files. This allows the app to detect and clean adware, but to “also collect and exfiltrate any user file it so chooses.
I don’t know the full story behind how Apple looked into the matter, but it’s concerning that the company only removed it today, seemingly after the media brought attention to it. Apple is slowly guiding users to only download apps from the MAS, and this app was in clear violation of the company’s guidelines.