Trend Micro: Sorry Our Mac Apps Collected Browser Histories

Antivirus vendor Trend Micro has apologized subsequently its Mac apps were plant collecting browser histories from people's computers.

On Monday, Trend Micro confirmed that the macOS apps were harvesting what it called a "pocket-size snapshot" of users' browser histories. The apps include the security-focused product Dr. Antivirus, in addition to device optimization tools such as Dr. Cleaner and Dr. Bombardment, which were all booted from Apple's official app store this past weekend over the data drove.

By lifting your browser history, Trend Micro could conceivably see the sites you lot've visited and potentially share those details with 3rd parties. However, the antivirus vendor is pushing back on claims that it knowingly violated customers' privacy. "This was a former data collection, done for security purposes," the company said in a weblog post.

Co-ordinate to Trend Micro, the data harvesting would occur 24 hours after an app was installed as a way to check whether the computer had encountered whatsoever adware or other malicious threats. All browser information was sent to a Usa-based Amazon server controlled by Trend Micro.

Dr. Cleaner Data Disclosure

The vendor also claims that the data harvesting was goose egg covert. "The potential drove and employ of browser history data was explicitly disclosed in the applicable EULAs (end user license agreements) and data collection disclosures accepted past users for each product at installation," it said.

Nevertheless, Trend Micro has decided to remove the browser history collecting adequacy from all the company's Mac apps. Information technology's also dumped all browser history logs from the Amazon server.

In the same blog post, Trend Micro also seemed to admit that the company's non-security Mac apps, such as the device optimization products Dr. Cleaner, Dr. Battery, and 2 others called Dr. Unarchiver and Duplicate Finder, should've refrained from collecting browser histories.

"We accept learned that browser collection functionality was designed in mutual beyond a few of our applications and then deployed the same way for both security-oriented as well as the not-security oriented apps such equally the ones in discussion. This has been corrected," the company said.

This issue first cropped up on Friday, when a pair of security researchers published a study that said the Mac app Adware Doctor secretly logged browser histories into a password-protected nada file and uploaded them to a server based in Cathay. Trend Micro said that reports its apps were sending data to China are "absolutely imitation."

Despite Trend Micro's apology, non everyone in the security community is ownership the visitor's explanations.

Let me interpret: "Because it got exposed, we removed the malware feature from our products." moving picture.twitter.com/30mx4vD2Cl
— MalwareHunterTeam (@malwrhunterteam) September eleven, 2022

Thomas Reed, the Malwarebytes security researcher who flagged the problem last calendar week, also said he didn't find any explicit mention of Trend Micro's data-drove notification at the time he examined the apps.

It isn't the first time a security vendor has faced trouble over suspicious information drove. Russian cybersecurity firm Kaspersky Lab has faced a mountain of trouble in the U.s. after its antivirus product pulled secret files from a estimator endemic by an NSA employee subsequently flagging them as malware.

Reed is telling Mac owners to be wary of unnecessary apps. "Be cautious of what y'all download. A free app from the App Store may seem perfectly innocent and harmless, but if yous have to give that app access to any of your data as office of its expected functionality, you can't know how it will utilize that data," he said in a weblog post.