Sorry Our Mac Apps Collected Browser Histories — Trend Micro

Gerald Bowen
September 12, 2018

Apple has been forced to remove one of the most popular security apps on its Mac App Store after it was found to be secretly exfiltrating browser data to China.

Adware Doctor, which claimed to keep "malware and malicious files from infecting your Mac", was earlier removed when it originally posed as Adware Medic, an actual malware app released by Malwarebytes (Malwarebytes for Mac).

According to reports on the Malwarebytes forum, the apps collected browsing history from Safari, Chrome and Firefox web browsers, as well as information about which apps have been installed on the Mac. They looked like legitimate applications, with several of them making best-selling apps lists, then they'd work their way around the sandboxing Apple uses to prevent apps from accessing data they shouldn't.

We review products independently, but we may earn affiliate commissions from buying links on this page.

On Saturday, security researcher Privacy_1st published a video showing that Dr. In a blog post, the company said that the apps "collected and uploaded a small snapshot of the browser history on a one-time basis, covering the 24 hours prior to installation".

Democrats lay off Sessions after Papadopoulos contradicts Hill testimony
Warner said the committee has conducted more than 100 interviews and would still like to sit down with Michael Cohen, Mr. Trump's former attorney who pleaded guilty to fraud and campaign finance charges last month.

Donald Trump’s autumn visit to Ireland postponed
Just under two weeks after it was confirmed that Donald Trump would be visiting Ireland , it now appears that the trip is off. Mr Coveney said: "It will be controversial because everything Donald Trump does these days is controversial".

Russia kicks off biggest war games in decades
The country´s war games in Eastern Europe a year ago , Zapad-2017, saw 12,700 troops take part according to Moscow. Mongolia also sent a small contingent. "I see little in the long term that aligns Russian Federation and China".

iOS developer and 9to5Mac writer Guilherme Rambo found that Trend Micro's Dr. Unarchiver was also siphoning user data. The researcher says that the serial number and the version of the operating system were among the exfiltrated details. He notes that he worked closely with @privacyis1st to compile the report. At no point was user consent requested, nor where users alerted that this happening behind the scenes.

Adware Doctor and Komros Adware Cleaner (same developer behind them), Open Any Files and Adblock Master relied on the same technique to lift the information from users.

Apps distributed by a developer called "Trend Micro, Inc." on the App Store have been caught doing the same thing. We have learned that browser collection functionality was designed in common across a few of our applications and then deployed the same way for both security-oriented as well as the non-security oriented apps such as the ones in discussion.

Several anti-malware apps made by Trend Micro have since been updated by the cyber-security company. A representative of the company told BleepingComputer that the company statement would be updated continuously.

Other reports by

Discuss This Article