Apple often boasts of its human curation of apps that go into its Mac and iOS App Stores as the best way to prevent the likes of Facebook’s Cambridge Analytica scandal from happening. It also sings praises of the efficacy and accuracy of this method over automated systems like Google’s. Those arguments, however, may have just fallen flat on their faces when a number of popular, top-grossing apps on the Mac App Store have been reported to be behaving like spyware. Including those from a company that’s supposed to be protecting users from malware.
Of course, this isn’t the first time that malware masquerading as anti-malware has gotten into app stores. The utter irony of the situation is almost laughable if not for the real potential for harm. Especially when the misbehaving app comes from a security company like Trend Micro. Then again, some would argue that such companies are in cahoots with the malware industry anyway.
WIRED reported a few days ago that a top-ranked paid app on the Mac App Store named “Adware Doctor” was actually harvesting user’s browsing history and other information behind the scenes. After the news exploded, Apple took down the offending app. It turns out, however, that Twitter user @privacyis1st reported the issue way back in August with no action from Cupertino.
It doesn’t end there, though. 9to5Mac is now reporting that other such apps continue to live on the Mac App Store, including ones from “Trend Micro Inc”, such as Dr. Unarchiver, Dr. Cleaner, Open Any Files: RAR Support, and more. Without an official statement from the software security outfit, there is no way to confirm or refute that these apps do come from the publisher.
Granted, these apps won’t be able to do anything without user interaction. The problem is that they aren’t saying upfront what they will actually be doing. Dr. Unarchiver, for example, will offer to clean up junk files but when users give the app permission to do that, it will do more. Lots more. It will harvest browsing history from Safari, Chrome, and Firefox, create a list of apps installed on the Mac, store Google search history, and send all those files to the publisher’s server, presumably Trend Micro.
And like Adware Doctor, this isn’t exactly news and has been reported and discussed since late 2017. No action has been taken yet but Apple’s QA team should have caught that unwanted behavior. Or if the rogue apps aren’t from Trend Micro in the first place, they should have been able to verify that as well. Especially considering that company isn’t a new, small startup or independent developer.