Apple App Store Jewel "Adware Doctor" Pilfered Phone Data to Send to China

cageymaru

cageymaru

Fully [H]
Joined
Apr 10, 2003
Messages
22,660
The Adware Doctor app occupied the front page of the Apple App Store as the #4 highest rated app, but it had a dark secret. Instead of removing viruses and malware from iOS devices, it was collecting all browser history, app store purchases, and more to bundle into an encrypted file to be sent to a Chinese server. The app allegedly had access to any file on the victim's device. Security researchers notified Apple of the rogue app's sinister purpose as early as August 7, 2018, but Apple allegedly did nothing until news outlets started talking about it.

The invocation of the sysctl function coupled with the string GetBSDProcessList (in the assert) give it away! It's (likely) just a copy and paste of Apple's GetBSDProcessList code (found in Technical Q&A QA1123 "Getting List of All Processes on Mac OS X"). Apparently this is how one can get a process listing from within the application sandbox! I'm guessing this method is unsanctioned (as it clearly goes against the design goals of sandbox isolation). And yes, rather amusing the code Adware Doctor uses to skirt the sandbox, is directly from Apple!
 
cageymaru said:
Ha ha ha! It was the best story I could find. I guess when you have a population that large it is easy to have thieves that would do things like this.
Click to expand...

China is brutally oppressive, they execute something like 10,000 people a year. Being a criminal is probably a vital survival skill in countries like China.
 
the great thing about china and its VAST population is.. even if her looks make her 1 in a million.. still means there are literally thousands of her

:ROFLMAO:(y)
 
I wonder if the code from Apple was provided in some kind of SDK, or if it was stolen from someone at the iPhone manufacturing plant over there.
 
Twisted Kidney said:
China is brutally oppressive, they execute something like 10,000 people a year. Being a criminal is probably a vital survival skill in countries like China.
Click to expand...
That number is shocking =(
According to Wikipedia it is now slightly less brutal (?)
The number of executions has dropped significantly since the Supreme People's Court regained the power to review all death sentences in 2007; for instance, the Dui Hua Foundation estimates that China executed 12,000 people in 2002, 6,500 people in 2007, and roughly 2,400 in 2013 and 2014.
Click to expand...
 
Templar_X said:
That number is shocking =(
According to Wikipedia it is now slightly less brutal (?)
Click to expand...

A declining trend, now they are much more enlightened and merely 're-educate' those that don't have the correct race/language/political leaning/thoughts. That such education takes a lifetime in some instances has nothing to do with a suppressive regime, it merely shows that some people need extra assistance in their re-education.
 
Eh it seem to be a Mac app, not an iOS app as the summary implies. Which makes more sense.
 
So the the vetting process on submitting to the app store includes greasing some palms as well.
 
Is anyone aware of software that can alert you(or block the packet) whenever an outgoing packet from your phone or LAN router is headed to China?
Seriously, how many of us ever intentionally contact China-based servers?
 
LOL listening to all the rationalization. "They have a large population so of course they'd have thieves like this...".

No, nothing like this happens in China without the direction of the State. The depth of ignorance about communist regimes is staggering, thanks to being virtually purged from primary and secondary education.
 
In a first run: how do I get a virus or malware on my iOS device ? Why would I need those software ? Why would Apple allow those software ?
 
Apple only cares about money. No surprise. Fact did nothing about only shows Apple doesn't want to protect its users info.
 
This. This is why I don't do apps, stores and never do banking on a phone. It's supposed to be safe and curated, lies. You don't know who has access to the entire device for no reason. This is reckless progress that they can shove up their arses, give me my damn www. .com back, just relating to that other story.
 
Twisted Kidney said:
China is brutally oppressive, they execute something like 10,000 people a year. Being a criminal is probably a vital survival skill in countries like China.
Click to expand...

There are far worse fates than being executed. Especially if its a quick firing squad style thing.
 
maxz01 said:
There are far worse fates than being executed. Especially if its a quick firing squad style thing.
Click to expand...

For sure. North Korea is a master of them. I guess you've truly mastered your state control when you can make dissidents beg for death.

It doesn't change the fact that families are left behind when throngs of people are executed for sedition.
 
Why do people do the typing their words instead of just saying it thing? So annoying.
 
I am sure someone will come aling and explain how we underlings cannot possibly understand what this app is doing or why, as we are not capable of that level of thinking. Afterall, it is an Apple app. It cannot be flawed.
 
damicatz said:
That is the officially reported number.

There is a holocaust going on right now with the Uyghurs. Concentration camps and mass cremations. People being rounded up and disappearing without ever being heard from again for speaking out against the communists.
Click to expand...

It is not the official number, it was an estimation by the Dui Ha Foundation, a San Francisco-based nonprofit humanitarian organization.
Though yes, i understand the real numbers can be higher.

Being a world superpower whom everyone owes money to lets you get away with a lot =(
 
You must log in or register to reply here.
Back
Top