Last week we wrote about how it was discovered that one of the most popular apps in the Apple Store was, along with doing all it advertised, also stealing your browser history and sending it to servers in China.
As far as we could tell there wasn’t much to it other than an invasion of privacy, though that itself is quite frustrating. But, now we know that app, Adware Doctor, was not alone. In fact, even more offerings in the App Store have been found to do the very same thing.
While at first it seemed like an outlier, it is now beginning to look like this is a trend. Before we thought anything from the supposedly carefully curated App Store was safe, but it’s clear that is not the case.
Have you snagged an app from Trend Micro, Inc.?
The most recent bad apps come from a specific developer, whose portfolio includes Dr. Unarchiver, Dr. Cleaner and Open Any Files: RAR Support, among other apps. The apps all do what they say, but not only that.
Each of them also collect and upload the browser history from Chrome, Safari and Firefox before sending it to servers, which are assumed to belong to Trend Micro. The apps also monitor and report on any other apps that are installed on the system.
Apple has taken action, but is there anything we can do?
Upon learning of what was going on, Apple removed the apps from their store. But as more and more are discovered to be doing this, it certainly calls into question the safety of the store itself.
Apple has, for a long time now, had certain requirements every app must meet in order to be available through the store, which when combined led to a feeling of security with anything we could download.
One of the biggest issues here, however, is that the very nature of what these apps are supposed to do means they will need to be granted access to certain aspects of your system. Once they have that, much of your private information and history can be then taken and used for other purposes.
In other words, while we would like to think Apple can catch these apps before they are ever available in the store, perhaps the best way to avoid any problem is to simply not download anything that needs that kind of access in the first place.
After all, you could go into your settings and change the permissions your apps have, but without the access they will not necessarily be able to perform the function for which you downloaded them in the first place.