The three apps removed include Dr. Antivirus, Dr. Cleaner, and Dr. Unarchiver and are no longer available for download at the Mac App Store. These apps were spotted by multiple researchers to be collecting and uploading user data and browsing history from Safari, Firefox and Chrome, , as well as other sensitive information from applications installed on their systems.

The issue was initially reported by Malwarebyes founder, Thomas Reed who had earlier noticed the behavior and discussed it at a Malwarebytes forum in December 2017. Reed recently published a video the day before Apple removed the Trend Micro apps (10Sept2018), demonstrating how the apps collected user data from popular web browsers and then sent it to a server linked to https://www.trendmicro.com.

Within 24 hours, the revelation sparked controversy and other researchers joined in, including Patrick Wardle, co-founder of Digita Security and founder of Mac Security website – Objective-See; Privacy 1st (who discovered and reported Adware Doctor’s spyware-like behavior) as well as a couple of other researchers who reported the activity to Apple.

Meanwhile, the popular cyber-security vendor has downplayed the act, saying:

This was a one-time data collection of browser history, done for security purposes to analyze whether a user had recently encountered adware or other threats…to improve the product & service,

the company argued.

Normally, apps from the Apple Mac store are sandboxed, so they are fairly limited in the types and extent of data they can access. However, because security apps are built to scan for security issues and clean up systems, they need more information that other apps can’t access, so these apps are designed to request access to main files on the user’s devices to gain the access they need. Once a user grants the app access to the home folder, the app has access to all user preferences and settings.

The company explains, however, in a statement that it has completed an initial investigation of a privacy concern related to many of its MacOS consumer products.

We apologize to our community for concerns they might have felt and we reassure them that all their data are safe and at no point was compromised. We have completed the removal of browser data collection features across our consumer products in question and have permanently dumped all legacy logs, which were stored on US-based AWS servers. We have identified a core issue which is humbly the result of the use of common code libraries,

Trend Micro stated.

The post Apple Removes Trend Micro Security Apps After Being Caught Collecting MacOS User Data appeared first on Hack Ware News.

The app, which sits fourth in in the Mac App Store’s top paid utility with a 4.8 star rating, is described as an adware protection and an anti-malware program that claims to be able to protect your Mac from malicious files and websites. 

Apple was first notified about a month ago by a security researcher called Privacy_1st who discovered that Adware Doctor was quietly uploading Mac users’ personal data, their list of running processes and App Store search history from Safari, Chrome and Firefox browsers. This is then stored in a password-protected zip file called “history.zip,” and uploaded to a remote hosting site named “adscan.yelabapp.com” administered by someone located in China. 

To illustrate this process of secretly uploading data to a remote server professional called data exfiltration, Privacy_1st created a proof-of-concept video where he illustrated what happens when the program is executed. He then contacted Patrick Wardle of Digita Security and Objective-See as well as Thomas Reed of Malwarebytes to help him on the analysis of this program.

Wardle released a blog post where he corroborated Private_1st’s findings and gave a detailed analysis about how the program would secretly gather a user’s app data and browsing details and then transfer it to a remote host.

Reed, the developer of Malwarebytes, says the malware program has a dubious history and his company had been monitoring it since 2015.  

This app is one that we at Malwarеbytes have had our eye on since 2015,” Reed explained on Malwarebytes website. “

At that timе, we discovered an app on the App Storе named Adware Mеdic – a direct rip-off of my own highly-succеssful app of the same name, which became Malwarеbytes for Mac. We immеdiately began detecting this, and contactеd Apple about rеmoving the app. It was еventually removed, but was rеplaced soon after by an identical app named Adware Doctor.”

Unfortunatеly the App Store is rеally not the safе haven that Apple would likе people to think it is,

Reed states. 

We dеtect and track a numbеr of different suspicious apps in the App Storе. Some of thosе have been rеmoved quickly, and others have takеn as much as six months to get removed. It’s not outright malware, but this junk softwarе that’s stеaling your data is pretty bad.”

It is not known what the users’ app data are being used for, but it is obviously worrisome that an app can be secretly collecting information and uploading it to an unknown organization in another country. According to latest reports, the remote server in China is currently offline.

The post Apple Removed Popular Security App from Its App Store for Violating Privacy Rules appeared first on Hack Ware News.