8/18/2023 0 Comments Trend micro dr. cleaner proThis is a massive privacy issue and we expect Apple to pull these apps from the Mac App Store fairly quickly. Unarchiver” is the nº 12 most popular free app in the US Mac App Store. Inspecting the files the app archives and uploads to their servers revealed the full browser history for Safari, Google Chrome and Firefox, separate files specifically dedicated to storing the user’s recent Google searches on the same browsers and a file containing a complete list of all apps installed on the system, including information about where they were downloaded from, whether they are 64-bit compatible and their code signature.Īs of today, “Dr. After allowing access to the home directory, the app proceeded to collect the private data and upload it to their servers (we blocked that with a proxy). Selecting “Scan” launched an open dialog with the home directory selected, this is how the app gets access to a user’s home directory, which it needs in order to collect the history files from browsers. After extracting a zip file with the app, it offered an option to “Quick Clean Junk Files”. We were able to confirm these reports, at least with the Dr. All of this information is collected upon launching the app, which then creates a zip file and uploads it to the developer’s servers. The app will also collect information about other apps installed on the system. Other researchers followed up and found that apps distributed by this “Trend Micro, Inc.” account on the Mac App Store collect and upload the user’s browser history from Safari, Google Chrome and Firefox to their servers. This issue was reported before by a user on the Malwarebytes forum, and in another report. Today, we’re talking specifically about the apps distributed by a developer who claims to be “Trend Micro, Inc.”, which include Dr. It looks like we’re seeing a trend of Mac App Store apps that convince users to give them access to their home directory with some promise such as virus scanning or cleaning up caches, when the true reason behind it is to gather user data – especially browsing history – and upload it to their analytics servers. It’s a curious story, and while Trend Micro has admitted that its apps collected and uploaded user data and said it is removing this capability, how does this happen in the first place? What could possibly be the excuse for a company that advertises itself as “a global leader in cybersecurity solutions” to engage in such behavior, which is not just a serious ethical lapse, but a clear violation of Apple’s App Store policies? And if Apple is going to claim that the App Store approval process protects users, it clearly needs to do a better job.When you give an app access to your home directory on macOS, even if it’s an app from the Mac App Store, you should think twice about doing it. Apple has removed all Trend Micro apps from the Mac App Store. Battery, Duplicate Finder, NoSleep, and App Uninstall-were found to be collecting users’ browsing histories, along with other personal data. A number of Trend Micro’s free Mac apps-including Dr. Over at the Eclectic Light Company blog, Howard Oakley delves into how Trend Micro, a multi-national company with nearly 6000 employees and over $1 billion in annual revenues, was caught acting like a sleazy hacking crew.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |