Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Privacy

Trend Micro Admits That Its Mac Apps Collect User Data

Trend Micro on Monday confirmed that some of its applications for Mac collect browser history and send it to the security firm’s servers. 

Trend Micro on Monday confirmed that some of its applications for Mac collect browser history and send it to the security firm’s servers. 

Recent reports revealed that so-called security applications for Mac that are being distributed through Apple’s App Store collected and exfiltrated users’ browsing histories along with some other sensitive information (such as lists of installed apps). 

The initial reports focused on Adware Doctor, a $4.99 application that would gather Safari, Chrome, and Firefox browsing history, the list of running processes, and a list of downloaded software. The program was observed sending the harvested data to a server located in China. 

Among the other applications that engaged in the collection of browsing history, researchers mentioned Dr. Antivirus and Dr. Cleaner, two programs developed by security software provider Trend Micro.

In a statement regarding these allegations, the company confirmed not only that the two applications collected user data, but also that other Mac apps developed by the company did the same, including Dr Cleaner Pro, Dr. Unarchiver, Dr. Battery, and Duplicate Finder.

The data collection practice, the company says, only targeted “a small snapshot of the browser history on a one-time basis.” Specifically, only the browsing history for the 24 hours prior to the installation were targeted. 

“This was a one-time data collection, done for security purposes (to analyze whether a user had recently encountered adware or other threats, and thus to improve the product & service),” Trend Micro claims

The security firm also points out that users were informed on the collection and use of browser history data, both in the applicable EULAs and at installation, when the user was also prompted to accept the data collection. 

Advertisement. Scroll to continue reading.

The security firm also notes that the browser history data was uploaded to a U.S.-based server hosted by AWS and managed/controlled by Trend Micro.

All of the offending applications have been already stripped off the browser history collection capabilities, Trend Micro also says. In addition, the company also claims to have permanently dumped all legacy logs from the US-based AWS servers, including the logs of browser histories that the users permitted at installation (and which was only being held for 3 months). 

According to Trend Micro, the presence of the same data collection capabilities across a number of its applications was the result of the use of common code libraries. 

“We have learned that browser collection functionality was designed in common across a few of our applications and then deployed the same way for both security-oriented as well as the non-security oriented apps such as the ones in discussion. This has been corrected,” the company said. 

Related: Mac Apps From Apple’s App Store Steal User Data, Researchers Say

Related: Macs Infected With New Monero-Mining Malware

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Artificial Intelligence

Two of humanity’s greatest drivers, greed and curiosity, will push AI development forward. Our only hope is that we can control it.

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...

Privacy

Many in the United States see TikTok, the highly popular video-sharing app owned by Beijing-based ByteDance, as a threat to national security.The following is...

Privacy

Employees of Chinese tech giant ByteDance improperly accessed data from social media platform TikTok to track journalists in a bid to identify the source...

Application Security

Open banking can be described as a perfect storm for cybersecurity. At one end, small startups with financial acumen but little or no security...

Mobile & Wireless

As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for...

Government

The proposed UK Online Safety Bill is the enactment of two long held government desires: the removal of harmful internet content, and visibility into...

Cloud Security

AWS has announced that server-side encryption (SSE-S3) is now enabled by default for all Simple Storage Service (S3) buckets.