Apple is widely known for its secure interface on all its devices. But the news has emerged that a number of security apps from Trend Micro Inc have been stealing and sharing user data without consent. What’s concerning is that these apps are from a widely popular developer on App Store.
TechRadar got in contact with the company, upon which they gave the following statement,” Trend Micro is aware of a recent scrutiny of some of our consumer applications, including our Dr. Cleaner, a cleanup app that offers Memory Optimization, Disk Cleaning and System Monitoring, and Dr. Antivirus, an antivirus app that protects Mac users from adware and hijack browsers. We take this situation seriously and are diligently digging into this before sharing additional details. We take data privacy very seriously and will do anything necessary to ensure our customers are protected.”
The apps mentioned rank very high on App Store’s free charts. Dr. Cleaner and Dr. Unarchiver are billed as virus scanning and cleaning apps. The apps also open archived files on your Mac device. Media channels are continuously trying to catch up with the company to verify its roots.
These apps, when installed, gain access to Mac’s home directory and then upload user data to different servers from the developer in a zipped file format.
What data are They Gathering?
The reports on Malwarebytes forum confirmed that the said apps were collecting browsing history from eminent web browsers including, Chrome, Safari, and Firefox. Moreover, Dr. Unarchiver and Dr. Cleaner also share the information about the installed apps on your Mac. The user remains unknown to any of this data gathering.
The news was verified by 9to5mac. The website reported the issue after they installed the apps on a mac. They confirmed that Dr. Unarchiver and Dr. Cleaner were collecting data from the home directory of the Mac.
9to5mac confirmed that the apps created a zip file containing browser history. Along with the visited sites, the file had a full list of installed applications on the system. It had information about all the Google searches. Moreover, the file had information about where all the apps on the device were downloaded from along with their code signatures and 64-bit compatibility. To collect this data, the apps, at no point, asked user permissions. What’s worrying is that the apps had access to the home directory. They could gather more personal data.
In the related news, last week, Adware Doctor, an app known to remove malware and malicious files, was also found stealing user data without consent. Adware Doctor was stealing browser history from installed Macs and sharing it to servers in China. While Apple took the matter seriously and removed the app instantly from App Store but that was not before the app reached No. 1 spot in the paid software category.
All these apps are now removed from the App Store, but users who have previously installed the apps are still unaware of the revelation. These questionable apps have raised doubts on other apps too making Apple scan the store for apps with home directory access.
Macs are known for their secure environment with Apple’s stringent rules for Mac App Stores.
However, the reputation has come to a risk with this shocking revelation. In response to these privacy concerns, Apple now provides users an ability to download a data copy collected by company apps including App Store, Apple ID account, iTunes activity, online retail activity, device information, AppleCare history, and many more. Perhaps this is the right way to deal with the problem and keep user trust in the company.