Security Threat: Adware Doctor requesting administrator rights
Demo Video: https://www.youtube.com/watch?v=IdDE9IPPGJA
Recently we investigated the case of Adware Doctor, which can be found in the Apple Mac App Store.
The investigation started at the request of some users who are complaining that the app is requesting administrative privileges.
Just a reminder that if an application has administrative privileges on a system, it will be able to do anything with your system. This can cause potential data loss or financial loss.
After running the application, the user must select which browser it has to "clean".
So far so good, nothing wrong with it, but the application is initiating a connection to an Amazon AWS Cloud server for some sort of update (we monitored the activity and didn't notice any changes - which concludes that the application is sending some sort of information to the developer server).
The next step is the administrator privileges request. The application is requesting that the end user provide the login credentials of the OS X system, which is a HIGH security risk. NEVER, and I say NEVER, will an application from the App Store request such a thing.
By providing the login credentials, you are permitting the application to execute anything on your device, from installing rogue software to even monitoring your activity.
WE ARE ENCOURAGING APP STORE USERS NOT TO DOWNLOAD THIS APP AND TO REPORT IT IMMEDIATELY TO APPLE FOR REMOVAL.
Any thoughts on how the reviewer missed this?
According to Apple policies, no application should request admin rights....
MacBook Pro, OS X El Capitan (10.11.3)