Apple Takes Down Data-Stealing Apps
Apps from a well-known cyber-security company were taken down from the Mac App Store by Apple after they were reported to export user data.
The apps' abnormal behaviour was first noticed by a security researcher last week. According to researchers, there are several apps in the App Store that were stealing and abusing user data. Apple immediately removed these offending apps from the store.
At least eight apps -- six Trend Micro apps and two other apps published by a developer named Yongming Zhang -- were found to be gathering data from user systems. The data included web browsing history, App Store browsing history, and information from other installed apps.
Now, Trend Micro is refuting the claims that their apps intentionally steal user data. “Any reports saying that Trend Micro is 'stealing user data' and sending it to an unidentified server in China are absolutely false," commented a representative in Trend Micro’s initial statement. Trend Micro says that they had removed the feature that collected users' browser history, and strongly denied allegations that the apps had been stealing user data and sending it to a server in China.
In an apology update, the company claimed that it had permanently dumped all legacy logs stored on the AWS server and identified common code libraries to be the main problem. Trend Micro also apologized “for concern [their community] might have felt and can reassure all that their data is safe and at no point was compromised."
Despite Trend Micro's responses to the controversy, all their apps were taken down in the App Store. Apple hasn't publicly revealed the reasons for the removal, but the company's developer guidelines have become obviously stricter and clearer about the use of user data. Apps must also obtain permission to collect user data, and developers must clearly state to the customers how and for what their data will be used.