Apple has just deleted all popular security apps offered by well-known cyber-security vendor – Trend Micro from its official Apple App Store after they were caught stealing users’ sensitive data without their consent.
The following controversial apps in question include –
– Dr Cleaner
– Dr Cleaner Pro
– Dr Antivirus
– Dr Unarchiver
– App Uninstall
– Dr. Battery and
– Duplicate Finder
The apps were all available recently for MacOS computers and were removed just two days after Apple kicked out another popular “Adware Doctor” application for stealing and sending browser history information from users’ Safari Browsers, Google Chrome for Mac, and Firefox to a server in China.
“This was a one-time, big-time data theft, done for security purposes (to analyze whether a user had recently ran into adware or other threats, and thus to improve the product & service),”
Trend Micro argued in their statement.
The dubious behavior of the aforementioned Trend Micro applications was initially reported by a user on the Malwarebytes forum in December 2017, which was last weekend re-confirmed by security researcher Privacy_1st on Twitter, who then notified the issue to Apple, Inc.
Privacy_1st was the same researcher who also uncovered and reported about the questionable spyware-like behavior of Adware Doctor.
Unfortunately, they were not the only ones having the issue. Within 24-hours after the revelation sparked controversy, a number of security experts also found similar issues in almost all MacOS security and utility apps offered by Trend Micro. In a blog post published by Thomas Reed, a security researcher with Malwarebytes, also confirmed the data exfiltration by Dr. Antivirus and Dr. Cleaner applications.
Trend Micro admitted and took responsibility to the Issue, but somehow tried to downplay it.
Trend Micro tried to defend its actions but in response to broader media coverage, the security firm yesterday finally admitted data collection by a number of its apps and apologized right away.
“We apologize to our community for concern they might have felt and can reassure all that their data is safe and at no point was compromised.”
“We have completed the removal of browser collection features across our consumer products in question. We have permanently dumped all legacy logs, which were stored on US-based AWS servers,” and “we believe we identified a core issue which is humbly the result of the use of common code libraries.”
Apple has since removed the apps in question, but users who have already downloaded one of the above-mentioned apps are strongly advised to remove them from their systems as soon as possible.