Trend Micro: Sorry Our Mac Apps Collected Browser Histories

13 September, 2018, 13:15 | Author: Julian Harrison
  • The Adware Doctor issues were first spotted by security researcher Patrick Wardle. Wardle detailed the app's flaws last month but Apple just removed the app today

Cleaner and Dr. Antivirus have disappeared from the Mac App Store after experts, including Malwarebytes Labs" head of Mac Thomas Reed, spotted that user data was needlessly being "exfiltrated' from these products.

Notwithstanding the spyware nature of Adware Doctor, Wardle admitted that it actually removes adware from users' browsers. It works by gathering users' browsing history from their various web browsers and sending them to a server based in China. The software security company denies these allegations and made their own statement in a blog post. However, the latest finding proves otherwise and highlights the fact that the Mac App store is not 100% secure for the Apple users.

News broke last week that Adware Doctor, an ad-blocker sold in the Mac App Store, quietly stole its users' browser histories and sent them to a server in China. The data was sent to a US-based server controlled by Trend, the company said. However, it looks that Apple does a miserable job sometimes when checking all submitted applications.

Of the controversial apps, Dr. Unarchiver is one of the top-ranked apps on the Apple App Store.

Apple pressured Facebook into removing the app, according to reports. However, it is being said that the app had violated the company's "Data Collection and Storage" guidelines.

The earlier statement said: "Dr Cleaner, Dr Cleaner Pro, Dr Antivirus, Dr Unarchiver, Dr Battery, and Duplicate Finder collected and uploaded a small snapshot of the browser history on a one-time basis, covering the 24 hours prior to installation". I've been saying this for several years now, as we've been detecting junk software in the App Store for nearly as long as I've been at Malwarebytes.

Since its approval, Adware Doctor has managed to get itself a number of excellent but fake reviews on the Mac App Store.




But the app took those permissions a step further by collecting a user's browser history, a list of other software and any apps you've downloaded.

Trend is removing this, er, feature from its software, though.

Logs of user browser history, previously held for three months, have now been deleted.

Apple hadn't responded to a request for comment. The question is whether or not significant media attention will be required to reveal other bad actors in the Mac App Store too, or if this series of events will change the vetting process.

Reed is telling Mac owners to be wary of unnecessary apps.

Despite cases like this, however, App Stores are safer than the wild internet as curtain - even one that is many times perfunctory - can still screen unsafe apps more often than not.

Recommended:



Popular

Apple's newest iPhone could have big screen, big price
Huawei, which recently overtook Apple in global smartphone sales, has said it is working on a flexible device of its own . The prediction is that there will be three models of iPhones apart from the Apple Watches and iPad Pros and so on.

When Trump added an extra zero in his GDP tweet
The first two numbers are correct, although they measure completely different things, and in different ways. Hassett said he suspected someone "added a 0" to the fact as it was "conveyed" to the president.

Hurricanes Off Both US Coasts Have 39 Airports On Alert
Predicting hurricane tracks is a hard science, and the NHC said there are still uncertainties about the storm's track. The storm has 115 mph winds and is located 580 miles south-southeast of Bermuda and is moving west at 13 mph.

Residents told to ‘get out now’ as Florence takes aim at US
Rain from Hurricane Florence falling on this saturated ground will bring a widespread and severe flooding event. Storm surge flooding is expected to be significant along the low-lying coast of North and SC and Virginia .

Interim CBS Chief Omits Les Moonves Sexual Misconduct Allegations in Company Email
This has hurt morale, but there are some really, really good people that come to work every single day. It says that Moonves could receive a potential payout of $120 million if not terminated for cause.

Federer, Nadal, Djokovic: Who will win the most Grand Slams?
The US Open Men's singles final will be shown LIVE on Star Sports Select 1 and Star Sports Select 1 HD at around 1.30 am IST. The tiebreaker was resolved thanks to more del Potro miscues on his forehand side, as he looked more and more tired .

Packers make franchise history with comeback win over Bears
There is a very delicate balance for McCarthy to find in play-calling, and I don't want to make it sound obvious or easy. Later Rodgers said his playing status would be more clear later in the week. "That's what I love about him".

Southgate unwilling to commit to England beyond Euro 2020
The defeat was an inauspicious start to the Nations League and underlined the distance that needs making up to the world's best. According to the Evening Standard , Luis said: "I am especially happy about David De Gea's performance".

Horror as five people 'including 3 children' found dead at Perth home
Violent crime with multiple victims is rare in Australia but this was the second major incident in Western Australia this year. In July, Kiwi mum Michelle Peterson, 48, and her children Bella, 15 and Rua, 8, were killed in the suburb of Ellenbrook .

Authorities: Dallas officer arrested on manslaughter charge
Her name is Amber Guyger , and interestingly, she was also involved in the shooting of a suspect in 2017, according to a report. Add Police Shootings as an interest to stay up to date on the latest Police Shootings news, video, and analysis from ABC News.