Several data-mining apps have been discovered in Apple’s Mac Apple Store by independent security researchers.
Adware Doctor - which was removed after Friday’s reports - claims to remove adware threats, but also collects user browsing history as well as running processes and software download lists for Mac products.
The mining apps have managed to bypass the store’s submission procedures and are reportedly "exfiltrating" data to remote servers - in some cases to China, where over 25,000 illegal apps were recently removed from the country's store - without the knowledge or consent of users.
China’s data storage requirements are more relaxed than those of the United States and some European countries, according to MalwareBytes, which explained that the information that is collected could easily be used for malicious purposes.
Mac security researchers Patrick Wardle of Digita Security and Thomas Reed of Malwarebytes independently investigated the apps and found evidence to confirm the security breaches.
The Adware app mimics MalwareBytes that has repeatedly fought to take down clones of the app, from the same company, that keep appearing in the store. MalwareBytes urges users to "treat the App Store just like you would any other download location: as potentially dangerous."
A second app, Open Any Files, takes over a system's ability to handle documents that are not associated with an existing app and suggests other apps that could open the files.
Open Any Files, like Adware Doctor, captures the browsing and search histories of Safari, Chrome, Firefox and the App Store.
MalwareBytes added that "if you have to give that app access to any of your data as part of its expected functionality, you can't know how it will use that data. Worse, even if you don't give it access, it may find a loophole and get access to sensitive data anyway.”
A third app, Dr. Antivirus performs similar data collection tasks but with some restrictions from macOS.