Adware Doctor was one of the most popular paid apps in the App Store. New research shows, however, that the app is essentially spyware and periodically transmits user data to a server in China.
The app claimed to prevent “malware and malicious files from infecting your Mac,” and offered the ability to remove adware that is already on your system. According to security researcher Patrick Wardle, once the app has been downloaded, it asks for high-level access to your system files and begins a process of working around Apple’s normal “sandboxing” protections.
Wardle describes in depth how Adware Doctor works on his blog “Objective-See.” Essentially, the app sidesteps Apple's sandboxing features and snags browser histories from Chrome, Firefox and Safari. "Now, an anti-malware or anti-adware tool is going to need legitimate access to user's files and directories -- for example to scan them for malicious code," Wardle explains. "However, once the user has clicked 'Allow,' since Adware Doctor requested permission to the user's home directory, it will have carte blanche access to all the user's files. So yes, it will be able to detect and clean adware, but also collect and exfiltrate any user file it so chooses!"
Wardle found that the downloaded app jumped through hoops to bypass Apple’s Mac sandboxing features, which prevent apps from grabbing data on the hard drive, and uploaded a user’s browser history from the Chrome, Firefox and Safari browsers.
The app has since been removed, but it is unclear whether the app makers or Apple removed the app. It is notable that the app held the number four spot on paid apps while available for purchase and was on sale until it was removed.
Spyware is frequently downloaded accidentally from unverified files, like games from “free” websites.
Vigilant Technologies is a veteran-owned company headquartered in Chandler, Arizona. We provide products, services and enterprise-wide integration of innovative IT solutions to commercial, Federal, State and Local government clients. Our leading-edge services include Private/Hybrid Cloud, Server Consolidation, Virtualization implementation, and Infrastructure Management.