Mac security app sent data to China

Isaac Cain
September 12, 2018

It is unknown how many users downloaded these "tools" and had their data scraped over the lifetime of the apps.

Reed claimed that the app itself has a long track record of unscrupulous behaviour: it was previously called "Adware Medic" - a title which Reed said was a "rip off" of his app of the same name. The collected user data was uploaded to a US-based server hosted by Amazon Web Services and managed by Trend Micro.

Apple removed several anti-malware apps from its Mac App Store after the apps were found to export users' browser histories.

A similar situation happened in the then Windows-Store with Torrenty, an app which would install adware once downloaded, It slipped past app store verification but was struck down once media reports brought it under scrutiny. In a blog post, the company said that the apps "collected and uploaded a small snapshot of the browser history on a one-time basis, covering the 24 hours prior to installation". Cleaner, and were billed as apps that could help protect and clean up your Mac, or be used to open archived files.

Antivirus vendor Trend Micro has apologized after its Mac apps were found collecting browser histories from people's computers. At no point was user consent requested, nor where users alerted that this happening behind the scenes. However, since then other similarly problematic apps have been discovered.

More news: Gareth Southgate expects swift return to club action for Dele Alli

Trend Micro's list of apps in the App Store at the time of publishing is reduced to two entries: Network Scanner (five ratings) and Dr. WiFi (not rated yet).

The 9to5mac.com website, which has reported on the issue, tried out one of the apps, Dr. Unarchiver, and confirmed that it was indeed collecting data from the home directory of the Mac it was installed on.

But, according to what was published by the well-known security researcher Patrick Wardle, this application is accessing user data for which it did not warn that it would consult and who should have access. Over the weekend, the saga continued with revelations that several other apps in the Mac App Store were doing the same thing.

Trend Micro blamed the behavior on the use of common code libraries and has now removed the browser data collection feature and deleted logs store on the AWS servers.

Apps collect data such as Global Positioning System coordinates, WiFi network IDs and more, and pass all of it to advertising and monetization firms.

Other reports by LeisureTravelAid

Discuss This Article

FOLLOW OUR NEWSPAPER