Trend Micro makes popular apps for cleaning up systems and guarding against malware infection. At least one of its offerings in the Mac App Store uploads user data for reasons unknown, including web browsing history. This is very much like last week’s Adware Doctor case, and suggests that the practice is widespread.
When you give an app access to your home directory on macOS, even if it’s an app from the Mac App Store, you should think twice about doing it. It looks like we’re seeing a trend of Mac App Store apps that convince users to give them access to their home directory with some promise such as virus scanning or cleaning up caches, when the true reason behind it is to gather user data – especially browsing history – and upload it to their analytics servers.
Today, we’re talking specifically about the apps distributed by a developer who claims to be “Trend Micro, Inc.”, which include Dr. Unarchiver, Dr. Cleaner and others. This issue was reported before by a user on the Malwarebytes forum, and in another report. Other researchers followed up and found that apps distributed by this “Trend Micro, Inc.” account on the Mac App Store collect and upload the user’s browser history from Safari, Google Chrome and Firefox to their servers. The app will also collect information about other apps installed on the system. All of this information is collected upon launching the app, which then creates a zip file and uploads it to the developer’s servers.
Dr. Unarchiver hovers near the top 10 in the App Store. With luck we’ll get one of those poetic “kettle logic” sequences, where any one answer might be reasonable enough but in combination becomes damning.
Apple doesn’t let anyone do it.
We’re not doing it.
We didn’t know we were doing it.
Everyone does it.
There’s nothing wrong with doing it.
It’s your fault we had to do it.
Also in on all your smut and sedition choices, if they want it badly enough: your ISP, your VPN, your government, your device maker, your browser maker, and your gods.