Mac security app sent data to China

Share
Mac security app sent data to China

That reputation took a hit over the weekend with the revelation that some of the most popular Mac App Store apps were gathering ng up user data and remotely uploading them to the developer's servers.

Thomas Reed, the developer of Malwarebytes for Mac, chimed in on the thread confirming the unethical behavior and the connection between the two apps.

Further analysis by security researcher Patrick Wardle showed that Adware Doctor sent the complete browser history from Safari, Chrome, and Firefox.

"From a security and privacy point of view, one of the main benefits of installing applications from the official Mac App Store is that such applications are sandboxed", Wardle blogged.

The US$5 app was marketed as a way of clearing out cookies, caches and junk from computers, but it actually didn't do any of that, and instead was collecting browser history and personal data and sending it to servers located in China.

"However, once the user has clicked 'Allow, ' since Adware Doctor requested permission to the user's home directory, it will have carte blanche access to all the user's files".

Another thing these apps have in common is a connection with Trend Micro and a Chinese developer.

The apps' behaviour was noticed by a security researcher last week.

"Trend Micro is aware of a recent scrutiny of some of our consumer applications, including our Dr".

"Most of this is data that App Store apps should not be accessing, much less exfiltrating".

We reached out to Trend Micro for a statement on the matter but received no reply at the time of publishing. "This was a one-time data collection, done for security purposes", the company said in a blog post. Apple is making some privacy improvements in macOS Mojave which should prevent apps from stealing a user's browsing history but given how a company lays so much emphasis on the privacy and security of its users, this should not have happened in the first place.

Every app in this group-or should it be a "practice" since they're all doctors?-appeared to steal data in the same way. A free app from the App Store may seem perfectly innocent and harmless, but if you have to give that app access to any of your data as part of its expected functionality, you can't know how it will use that data.

Share

Advertisement

Related Posts

Dual SIM iPhone confirmed
Replacing "Plus" with "Max" for the larger 2018 OLED iPhone further pushed Apple's branding decisions into stranger territory. Ming-Chi Kuo, a long-time Apple analyst based in Taiwan, believes that the iPhone XS Plus will get the dual-SIM tray.

SpaceX's Falcon 9 rocket to launch powerful telecom satellite
SpaceX successfully launched a Falcon 9 rocket carrying the Telstar 18 VANTAGE from Cape Canaveral early Monday morning. The droneship, which was named in honor of sci-fi author Iain Banks, is a remote landing platform for the rocket.

UEFA to introduce third European club cup competition
In a statement, Uefa said it is "constantly reviewing the format of its competitions and is looking at a variety of options". It was an idea first put forward in 2015 and should offer more chances for Scottish clubs to progress in European football.

Simon & Schuster Has Printed 1 Million Copies of Bob Woodward's 'Fear'
Just a day earlier, The Washington Post published excerpts from an upcoming book by famed Watergate reporter, Bob Woodward . "They're not really a friend", despite the $1.3 billion a year in aid the United States gave them, President Trump said.

Ariana Grande Was ‘An Unbelievably Stabilizing Force’ for Mac Miller, Says Friend
However, one of his friends, Shane Powers , is speaking out about they have it all wrong on his podcast The Shane Show . Ariana dated Mac , birth name Malcolm James McCormick, for about two years, splitting in May.

Jon Gruden finally speaks out on Khalil Mack trade
So, it makes sense why the Rams didn't push harder to deal for the 2016 Defensive Player of the Year. NFL.com's Jeremy Bergman came up with three takeaways from the Rams-Raiders Monday night showdown.

FIFA Loot Boxes Lead to Investigation of EA by Belgian Government
EA, meanwhile, doesn't feel it is in violation of the existing anti-gambling laws, because loot boxes, in its opinion, do not constitute gambling.

Carvajal sent a message to Shaw after their collision
According to the Telegraph, Tottenham are looking to sign Chilwell , while The Sun claim that Shaw is on their radar . Saturday will be a key game for Manchester United as they seek to recover from a poor start to the season.

Putin says Russian Federation and China to reduce use of dollar in trade
Relations between Ukraine and Russian Federation have been at a low since Crimea was annexed to Russian Federation in 2014. The exercise will be carried out in five army training grounds across the Sea of Japan, Bering Straits and Sea of Okhotsk.

Trump promises all-out response to Hurricane Florence
He said Florence could rival the impact of Hurricane Hugo, which wreaked $7bn (£5.3bn) in damage and claimed 49 lives in 1989. NHC director Ken Graham admitted: "This one really scares me".

© 2015 ExpressNewsline. All Rights reserved.