The purpose of the Mac App Store is that all programs that you download there work well, do not do shadowy things and do not contain any viruses. These apps are controlled by Apple and that should prevent the developers from building malicious functions. That this does not always work that way in practice, is shown by a story from last weekend. Several very popular apps according to the charts have sent your user data to China.
The first app was Adware Doctor. The popular anti-malware program from the Mac App Store secretly sends the entire browser history to servers in China. That is what security researcher Patrick Wardle says. First, the tool asks for access to all files in your user folder. You confirm that, of course, because you want the app to scan your files. Then the app Apple’s sandbox is too smart and also asks the browsing history of Safari, Chrome and Firefox. Then a zip archive with your data is sent to China. The server has now been taken offline and Apple has also removed the program from the Mac App Store.
In the sequel, many more apps surfaced that work in a similar way. These all came from a developer named Trend Micro, Inc. However, this had nothing to do with the reputable antivirus company, but had simply chosen this reliable name. The best known apps of the developer were Dr. Unarchiver and Dr. Cleaner. These two questions also first access your user folder and then send your browser history. Just like Adware Doctor both apps have been removed from the Store.
Now the danger is gone, but it is a good reminder that you should always be alert. Even an allegedly safe haven like the Mac App Store can therefore sometimes contain malware and spyware.