Update (September 11): The company behind all these apps, Trend Micro Inc., has apologized to its users. It has claimed that it has removed all the user data stored on its servers and it has also removed the code which was responsible for uploading it.
Generally, Apple’s app stores are considered to be the hosts of secure apps, but a bunch of apps from the Mac App Store are silently spying on the browser data of the users. On the list, there are several top apps such as Adware Doctor, Adware Medic, Dr. Cleaner, Dr. Unarchiver and more.
Most of these apps distributed by Trend Micro. Inc were collecting browser history from Chrome, Safari, and Firefox and uploading it to the company’s servers. These apps duped users into giving them access their MacOS home directory with actions like as ‘Scan for Viruses’ or ‘Clear cache’.
Top Sold MacOS AppStore application is ROGUE. Adware Doctor is stealing your privacy. PoC: https://t.co/LmveX593q0#malware#virus#MacOS#Apple#MacBook#MacBookPro#CyberSecurity#privacy#GDPR#Hacking#hackers#cyberpunk#Alert
— Privacy 1st (@privacyis1st) August 20, 2018
Giving an app access to your home directory means that it can potentially access your browsing history, iMessage conversations, emails and more. The apps in question later collected browsing data as well as data of the apps installed on the system, made a zip file of the information and sent it to the developer’s server. For future reference, you’ll want to be careful about which apps you allow access to your home directory.
A 9to5Mac report suggests that these apps have been removed from the App Store. Apple has had a history of boasting about the security of its app stores. However, this incident suggests that these stores cannot be fully trusted as some of the most popular apps (Dr. Unarchiver is #12 most popular free app in the US Mac App Store, Adware Doctor is #1 paid utility app) there are putting user data at risk. We have contacted Apple and Trend Micro Inc. and will update the post if there is any response.