"From a security and privacy point of view, one of the main benefits of installing applications from the official Mac App Store is that such applications are sandboxed", Wardle blogged.
The US$5 app was marketed as a way of clearing out cookies, caches and junk from computers, but it actually didn't do any of that, and instead was collecting browser history and personal data and sending it to servers located in China.
"However, once the user has clicked 'Allow, ' since Adware Doctor requested permission to the user's home directory, it will have carte blanche access to all the user's files".
Another thing these apps have in common is a connection with Trend Micro and a Chinese developer.
The apps' behaviour was noticed by a security researcher last week.
"Trend Micro is aware of a recent scrutiny of some of our consumer applications, including our Dr".
"Most of this is data that App Store apps should not be accessing, much less exfiltrating".
We reached out to Trend Micro for a statement on the matter but received no reply at the time of publishing. "This was a one-time data collection, done for security purposes", the company said in a blog post. Apple is making some privacy improvements in macOS Mojave which should prevent apps from stealing a user's browsing history but given how a company lays so much emphasis on the privacy and security of its users, this should not have happened in the first place.
Every app in this group-or should it be a "practice" since they're all doctors?-appeared to steal data in the same way. A free app from the App Store may seem perfectly innocent and harmless, but if you have to give that app access to any of your data as part of its expected functionality, you can't know how it will use that data.