Cleaner that showed browser history as one of the types of data collected with user permission. Trend Micro linked to a support page for Dr.
#TREND MICRO MACINTOSH LICENSE#
The company said in its response that the Trend Micro apps were collecting and uploading "a small snapshot of the browser history on a one-time basis, covering the 24 hours prior to installation." But it claimed this functionality was "for security purposes," and the actions were permitted by users as part of the End-User License Agreement on installation. Battery and Duplicate Finder - were removed from the Mac Appīut denied that the apps were stealing data and sending that data to Chinese servers. "There is really no good reason for a 'cleaning' app to be collecting this kind of user data, even if the users were informed, which was not the case."
Cleaner, minus the list of installed applications," Reed wrote in his analysis. We observed the same data being collected by Dr. "Unfortunately, other apps by the same developer are also collecting this data.
#TREND MICRO MACINTOSH ZIP FILE#
Reed said Open Any Files - developed by Hao Wu - and the Trend Micro apps were uploading the zip file to Trend Micro servers, and Open Any Files was found promoting Trend Micro's Dr. Reed said he "saw the same data being collected and also uploaded in a file named file.zip to the same URL used by Open Any Files" in the Dr. " we have decided to no longer publish or support this product."] [ UPDATE: In an amended statement on the matter, Trend Micro admitted that Open Any Files is one of the vendor's apps and In addition to these apps stealing data, Reed noted in his analysis that at least two Trend Micro apps appeared to be acting improperly.
#TREND MICRO MACINTOSH SERIAL#
" Trend Micro apps and company responseĪdware Doctor was developed by an unknown developer whose identity is based on the name of a notorious Chinese serial killer, Zhang Yongming, who was executed in 2013 after being convicted of killing 11 boys and young men another app, Open Any Files: RAR Support, was developed by "Hao Wu," but it's unclear who the individual is. For example, a sandboxed application from the Mac App Store should not be able to access a user's sensitive browser history," he continued. "When an application runs inside a sandbox it is constrained by what files or user information it can access. (The other benefit is that Apple supposedly vets all submitted applications - but as we've clearly shown here, they (sometimes?) do a miserable job)," Wardle wrote in a blog post. "From a security and privacy point of view, one of the main benefits of installing applications from the official Mac App Store is that such applications are sandboxed. At first, Wardle said the app was behaving normally until it came time to "clean" the user system that's when he observed the app stealing browser history data and a list of installed apps. 4 ranked paid app, Adware Doctor - published by Yongming Zhang in the Mac App Store - was stealing data. Reports about the apps potentially stealing data first appeared on the Malwarebytes forum in late 2017, but the issues were confirmed recently by at least three individuals: Patrick Wardle, CEOįounder of Digita Security a security researcher based in Germany who goes by the Twitter handle and Thomas Reed, director of Mac and mobile at Malwarebytes Labs.
At least eight apps - six Trend Micro apps and two published by a developer who goes by the name Yongming Zhang - were found to be gathering data from user systems, including web browsing history, App Store browsing history and a list of installed apps.
0 kommentar(er)
