Slashdot Mirror

← Back to Stories (view on slashdot.org)

Multiple Trend Micro Apps Pulled From Mac App Store; Tens of iOS Apps Caught Collecting and Selling Location Data

Posted by msmash on from the it-just-works dept.

Ahead of Apple's big iPhone event later this week, the company appears to be grappling with a PR problem: Third-party apps on both its desktop and mobile app stores have been caught doing shady stuff. Last week, Apple pulled a top selling app from the App Store, a month after it was alerted about it, but only hours after it started making headlines. Since then, tens of new iOS apps have been caught indulging in a similar offense -- collecting and selling users data such as GPS coordinates, WiFi network IDs and more. Amid all of this, more desktop apps, curiously all from security service provider Trend Micro -- have been caught collecting browser history and information about users' computers. Apple has pulled Trend Micro's apps from the store. Do note that Trend Micro still has some apps -- both for desktop and mobile -- listed on the store. Would be interesting to learn what sort of conversations Trend Micro and Apple have had in the recent days. BleepingComputer: The apps are Dr. Antivirus, Dr. Cleaner, and Dr. Unarchiver, all under the developer account Trend Micro, Incorporated. Until removal, all products were top-sellers, with thousands of positive reviews that averaged their ratings between 4.6 and 4.9. The first public report of a Trend Micro product in the App Store engaging in shady activities came in late 2017 when user PeterNopSled told Malwarebytes forum members that "that his Mac was taken over by Open Any Files: RAR Support," and it did not let him open Word or Excel files. Trend Micro's privacy and data collection disclosure.

1 of 38 comments (clear)

  1. Re:Trend Micro never had the best engineers by nbvb · · Score: 4, Informative

    I'm not posting anonymously, and I agree wholeheartedly. Their code is CRAP. I used to be responsible for a server farm running their Interscan messaging antivirus SMTP products on Unix .... what a trainwreck of software. We had this oddball corporate security policy in place that we would have to quarantine any inbound messages with attachments for 1 hour before letting them through the virus scanner; some executive thought that'd give the AV companies enough time to update their signatures. Anywho... the software was so stupid that after releasing from the quarantine, it would just move it to the top of the queue, hit the quarantine rule, and re-quarantine it. So I had one set of SMTP gateways that would ingest, quarantine and then hand off to the second set that would do the actual scanning. It was atrocious, atrocious code. All written in China, as I recall.

    Replaced a couple of racks of Sun gear doing mail handling with a pair of Ironport appliances. Done.

    So glad I'm out of the day-to-day IT business ....