Trend Micro Apps Leak User Data, Removed from Mac App Store

Trend Micro website displayed on a smartphone device

Popular Mac app Adware Doctor pulled by Apple after revelation it steals browsing history

Cybercriminals are constantly coming up with more elaborate ways to gain access to user data and now they have found a new way to do so through the Mac App Store according to a post on Malwarebytes' forum. On September 7, Apple deleted Adware Doctor from their store after it was found tracking and stealing various personal information from its users.

What the app actually does, however, is it collects users' system files and browser by history and sends it to a domain based in China.

Trend Micro has confirmed Wardle and Privacy First's fears are true, and that browser histories were collected as part of the code's installation.

On Friday, Apple removed Adware Doctor, a top security app, from its store, on the exact same grounds.

In Apple's defence, every app on the App Store is prohibited from collecting this sort of data without explicit consent from the user.

Further analysis by security researcher Patrick Wardle showed that Adware Doctor sent the complete browser history from Safari, Chrome, and Firefox. The browser history data was uploaded to a US-based server hosted by AWS and managed/controlled by Trend Micro.

Researchers noted that insecure applications appeared to be repeatedly getting around Apple's vetting process for the App Store.

Apple, on the other hand, has not made any official statement on the removal of Adware Doctor from its App Store.

Tennis Umpires Considering Boycott of Serena Williams' Matches After US Open Meltdown
At the press conference after the match , Williams said that the umpire's sanctions were an act of sexism, according to CNN . That triggered a third violation, which resulted in a game penalty that gave Osaka a 5-3 lead.

Indian nuns demand arrest of bishop accused of rape
She demanded whether " Church authorities can give back what I have lost". "The bishop should be punished", Sharma further said. The nuns say they have been denied justice by church authorities and police.

IPhone XR: Apple unveils iPhone XR starting at £749
New Airpods with Wireless Charging - not surprisingly, these didn't launch since the AirPower charging mat still isn't done. The company also introduced a lower-cost 6.1-inch (15.5 cm) iPhone XR made of aluminum and lower screen quality.

The TechCrunch report also revealed that Wardle had contacted Apple about the issue a month ago, but the app was available in the Mac App Store despite that. The issue at hand is the unlawful collection of data and there is no telling how much information was gathered through unauthorized access. By accessing the home directory, they were then able to gain access to information about users' browsing history, and more.

Six apps including Dr.

The company added: "We have learned that browser collection functionality was designed in common across a few of our applications and then deployed the same way for both security-oriented as well as the non-security-oriented apps such as the ones in discussion".

Trend is removing this, er, feature from its software, though.

Despite denying any wrongdoing, Trend Micro said it was taking steps to reassure users that their data was safe.

Trend Micro is taking customer concerns seriously and has chose to remove this browser history collection capability from the products at issue.

IT Pro has approached Apple for comment but it had not responded at the time of publication. Apps downloaded from the App Store are supposed to be immune to this kind of exfiltration.

Thomas Reed, the developer of Malwarebytes for Mac, chimed in on the thread confirming the unethical behavior and the connection between the two apps.

Latest News