Beware! These Mac apps might be stealing your data
What's the story
Apple has long held a reputation of hosting only secure apps on its App Store. However, now, it's been found that a bunch of apps from the Mac App Store have been duping users, and silently and sneakily uploading users' browsing data on to developers' servers. Understandably, the discovery has put Apple's credibility in question. Here are the details.
Which apps?
Most of the rogue apps were distributed by Trend Micro
What is perhaps most disturbing is the fact that several top apps from the Mac App Store were found uploading users' browsing data. Some of these apps are Adware Doctor, Adware Medic, Dr. Cleaner, and Dr. Unarchiver, among others. Notably, most of the apps clandestinely uploading data were distributed by Japanese internet security company, Trend Micro.
Twitter Post
The discovery sent alarm bells ringing across social media
Top Sold MacOS AppStore application is ROGUE. Adware Doctor is stealing your privacy. PoC: https://t.co/LmveX593q0#malware #virus #MacOS #Apple #MacBook #MacBookPro #CyberSecurity #privacy #GDPR #Hacking #hackers #cyberpunk #Alert
— Privacy 1st (@privacyis1st) August 20, 2018
How?
How the apps gained access to the data
In order to access Chrome, Safari, and Firefox data, these apps duped users into giving them access to the MacOS home directory via actions such as 'Scan for Viruses' or 'Clear cache'. Armed with that, these apps could access not just browsing histories of users, but could also potentially access users' iMessage conversations, emails, and other such personal data.
Implications
The incident tarnishes Apple's image
Although 9to5Mac notes that Apple has removed these apps from its App Store since the reports emerged, the incident is bound to tarnish Apple's image, which has touted water-tight data security for years. Coupled with the fact that some of the aforementioned apps were among the top-most on the App Store, users will now perpetually doubt even the best available apps.