Popular Mac Ad-Blocker Has Been Sending Data to China

Credit: cgstock/ShutterstockCredit: cgstock/ShutterstockPeople use ad-blockers for all sorts of reasons. Some want to stop advertising companies from collecting information about them, some don't want to financially support ad-dependent websites and some just want the sites they visit to load faster. It's unlikely that anyone would use an ad-blocker because they want to share their browsing history with someone in China, but that appears to be exactly what the Adware Doctor app does.

Adware Doctor is one of the highest grossing paid apps in the Mac App Store. It's supposed to do what every other ad-blocker does: prevent online tracking and stop advertisements from loading. Ye,t after numerous complaints about the app doing things it shouldn't, like changing settings in Safari and secretly collecting users' browser history, Objective-See owner Patrick Wardle decided to figure out what exactly the suspicious doc is up to.

Wardle detailed his findings in a blog post today. The long and short of it is that even though Adware Doctor is an effective ad-blocker, it also collects browser history from Safari, Chrome and Firefox, which it then bundles up and sends to someone in China. Wardle said the actual exfiltration is currently disabled, but the version of Adware Doctor available in the Mac App Store will still collect this information and get ready to send it as soon as it can.

It's bad enough that a tool people use to protect their privacy has been secretly compromising it. But the problem is made worse by the fact that Adware Doctor is available via the Mac App Store, the entire point of which is to offer macOS users a trusted place to find software that's been vetted by Apple (and, of course, to centralize the distribution of desktop software using the mobile app model so Apple gets a 30 percent cut of these programs' revenues).

Worse still is the fact that Adware Doctor remains available even though Wardle said he notified Apple of its clear violations of Mac App Store policies a month ago. Apple didn't catch Adware Doctor's problems before releasing the app in the Mac App Store, failed to respond after numerous people complained about the app and has yet to remove it.

Apple even inadvertently markets Adware Doctor on its website. The page for the Mac App Store includes lists of the most popular apps in the marketplace, and there Adware Doctor sits, right in the fourth spot on the list. It's possible the page is automatically generated, but it still helps this dubious utility get even more attention from curious macOS users.

Anyone using Adware Doctor should immediately delete the app. There are plenty of alternatives that offer similar features, so even if the developer explains why the app secretly collected and shared this data, you shouldn't miss it.  But the same can't be said of the Mac App Store. Apple wants its marketplace to be the primary (or even only) place where its customers find new, safe apps, yet its ability to deliver on its promises is now in serious doubt.

And here we thought an apple a day would keep the doctor away.

This thread is closed for comments
    Your comment
  • 2sidedpolygon
    "You will never get a virus on a Mac"
  • Brian_R170
    So, the app developer/producer gets a bunch of people to install the software, provides a legitimate service and gains user trust for some period of time while secretly gathering their data. Then, presumably after a future software update, the app will transmit all of the collected data to some entity China.

    Not denying this looks bad, but if the app had a 20-page license agreement that said somewhere that it collects browsing data and sends it back to the developer to "help improve the developers product and services," then I wonder if anybody would care, even though we all know that collected data gets used for other purposes all the time.
  • miroslavhm
    Half of Apple software programmers and managers are Chinese - what do you expect, nobody to work for the Party there? Apple probably has hundreds of employee that are conducting active espionage. It's the same situation with hardware, firewalls, software to prevent theft - pretty much everything is infiltrated and built to spy or hack :). It's not just Apple.