More Mac Apps Caught Stealing Your Browser History

Yolanda Curtis
September 12, 2018

News broke last week that Adware Doctor, an ad-blocker sold in the Mac App Store, quietly stole its users' browser histories and sent them to a server in China. At the time, Dr. Unarchiver was the 12th most popular free app in the US Mac App Store, 9to5Mac reported.

Dr. Unarchiver was reportedly gathering and uploading users' data.

Most of these apps distributed by Trend Micro. Inspection of the files showed access to recent Google searches on Safari, Chrome, and Firefox, as well as browser history, a complete list of apps on the system including the download location for the apps.

"However, once the user has clicked 'Allow, ' since Adware Doctor requested permission to the user's home directory, it will have carte blanche access to all the user's files". It would make sense for anti-virus software to have this kind of access for a truly thorough clean, but then nobody expects ostensibly good apps to be wrapping up browser data in a tidy zip file and uploading to the developers' servers.

Apple has removed multiple apps by security vendor Trend Micro from its App Store, following allegations by researchers that the programs exfiltrate sensitive data without users' consent.

Despite cases like this, however, App Stores are safer than the wild internet as curtain - even one that is many times perfunctory - can still screen risky apps more often than not.

The apps have both been removed from the App Store, but if you have them installed on your machine it's worth removing them straight away. Apple has had a history of boasting about the security of its app stores.

But, according to what was published by the well-known security researcher Patrick Wardle, this application is accessing user data for which it did not warn that it would consult and who should have access. Cleaner, and Dr. Unarchiver to upload user data to an external server is not singular, Privacy_1 points out. "The potential collection and use of browser history data was explicitly disclosed in the applicable EULAs (end user license agreements) and data collection disclosures accepted by users for each product at installation", it said.

Apps collect data such as Global Positioning System coordinates, WiFi network IDs and more, and pass all of it to advertising and monetization firms.

Other reports by iNewsToday