Apple pioneered the idea of "app stores," where operating system vendors got to decide who could distribute software that ran on their platforms, arguing that these "curated" stores would ensure high quality and protect users from malicious and inferior code.
The most successful App Store is the one Apple operates for Ios users, but the company has also spent years hoping to get Mac users to get their software from the Mac App Store (Mac users, unlike Ios users, are not forced to get their apps through the official App Store).
The fourth highest-ranked paid app in the Mac App Store was Adware Doctor, a $5 "privacy" tool with a long history of shady activity (including switching off users' privacy protection!), whose reviews were a long string of obvious fakes.
As new research from Patrick Wardle (previously) reveals, Adware Doctor surreptitiously gathers its users' complete browsing history and exfiltrates it to a mysterious server in China.
Optional App Stores — like Ubuntu's Software Center and Android's Google Play — are handy ways to get curated lists of software, and so long as they don't overpromise (by guaranteeing that they'll keep malware out of the store), users have a better chance of understanding the risks they take when they install their offerings. But when an App Store is mandatory — literally the only way to get apps for your device — then the responsibilities placed on the store's operator get a lot more serious: they have to moderate perfectly, not over- or under-blocking. No one is perfect.
The fact that application has been surreptitiously exfiltrating users' browsing history, possibly for years, is, to put it mildly, rather f#@&'d up!
Second, let's have a brief chat about the Mac App Store and Apple's role (or lack there of) in all of this.
Apple states:
"The safest place to download apps for your Mac is the Mac App Store. Apple reviews each app before it's accepted by the store, and if there’s ever a problem with an app, Apple can quickly remove it from the store."
While there is no doubt that downloading apps from the Mac App Store is, generally speaking, far safer than from some random website on the internet, the other claims in this statement perhaps lack some truthiness – at least in the case of Adware Doctor
A Deceitful 'Doctor' in the Mac App Store [Patrick Wardle/Objective See]
Popular Mac Anti-Adware App ‘Surreptitiously Steals’ Your Browsing History, Researchers Say [Lorenzo Franceschi-Bicchierai/Motherboard]