Apple has removed almost all popular security apps offered by well-known cyber-security vendor Trend Micro from its official Mac App Store after they were caught stealing users’ sensitive data without their consent.
The controversial apps in question include Dr Cleaner, Dr Cleaner Pro, Dr Antivirus, Dr Unarchiver, App Uninstall, Dr. Battery, and Duplicate Finder for Mac computers.
The apps were removed just two days after Apple kicked out another popular “Adware Doctor” application for collecting and sending browser history data from users’ Safari, Chrome, and Firefox to a server in China.
“This was a one-time data collection, done for security purposes (to analyze whether a user had recently encountered adware or other threats, and thus to improve the product service),” Trend Micro argued.
The suspicious behavior of Trend Micro apps was initially reported by a user on the Malwarebytes forum in December 2017, which was last weekend re-confirmed by security researcher Privacy_1st on Twitter, who then notified the issue to Apple.
Privacy_1st is the same researcher who also discovered and reported about the suspicious spyware-like behavior of Adware Doctor.
Trend Micro Apps Caught Stealing Users’ Data
The researcher has also published a video demonstration showing how Dr. Cleaner and Dr. Antivirus collected users’ system information and browsing history data from popular web browsers including Safari, Chrome, and Firefox, and then sent them to trendmicro.com.
However, they were not the only ones having the issue. Within 24-hours after the revelation sparked controversy, multiple security researchers found similar issues in almost all macOS security and utility apps offered by Trend Micro.
In a blog post published by Thomas Reed, a researcher with Malwarebytes, also confirmed the data exfiltration by Dr. Antivirus and Dr. Cleaner applications.
At the time of writing, Apple has removed all Trend Micro apps (with high user reviews and ratings) from its Mac App Store, except Network Scanner and Dr. WiFi.
Trend Micro Admitted to the Issue, But Tried to Downplayed It
Trend Micro first tried to defend its wrongdoing but in response to broader media coverage, the security firm yesterday finally admitted data collection by a number of its apps and apologize.
However, the company again downplayed the significance of its users’ privacy breach by saying that the apps “collected and uploaded a small snapshot of the browser history on a one-time basis, covering the 24 hours prior to installation.”
“We apologize to our community for concern they might have felt and can reassure all that their data is safe and at no point was compromised,” Trend Micro said.
“We have completed the removal of browser collection features across our consumer products in question. We have permanently dumped all legacy logs, which were stored on US-based AWS servers,” and “we believe we identified a core issue which is humbly the result of the use of common code libraries.”
First the popular security-scanning Adware Doctor app, and now several popular apps from a trusty security vendor stealing your data and privacy suggest that even top apps on official Mac App Store cannot be trusted blindly.
Though Apple has already removed the apps in question, users who have already downloaded one of the above-mentioned apps are strongly advised to remove them from their systems as soon as possible.