Unit 221B Investigates Trae App’s Data Sharing Practices
Researchers from the Unit 221B team have conducted a thorough analysis of the Trae application for macOS and discovered that it constantly interacts with ByteDance’s server infrastructure through multiple communication channels. This architecture allows the company to continuously collect information about user behavior, system status, and the full content of files being edited. Device identification is performed using a unique hardware-linked identifier, making long-term tracking possible even after the app is reinstalled.
Continuous Data Transmission Raises Privacy Concerns
A particularly important finding is the presence of persistent connections to company servers, which transmit telemetry data every 30 seconds—even when the user is completely inactive. In addition to standard HTTPS requests, Trae also uses local WebSocket connections that send the full text of all files and user authentication information. All of this potentially increases the risk of unauthorized access to confidential information.
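The fixed 30-second idle telemetry described above is the kind of traffic a defender can look for in their own connection logs. The following is an added example, not code from Unit 221B or from the application; the log format, hostnames, thresholds and function names are assumptions, and the sample lines are constructed.

```python
from collections import defaultdict
from statistics import median

# Constructed sample: "<epoch seconds> <destination> <bytes sent>".
# Hostnames are placeholders, not endpoints named in the research.
SAMPLE_LOG = """\
1000.0 telemetry.example.invalid:443 512
1004.2 api.example.invalid:443 2048
1007.9 api.example.invalid:443 1310
1030.1 telemetry.example.invalid:443 498
1059.9 telemetry.example.invalid:443 505
1061.0 api.example.invalid:443 880
garbled line without fields
1063.5 api.example.invalid:443 4096
1090.2 telemetry.example.invalid:443 512
1095.0 cdn.example.invalid:443 90000
1120.0 telemetry.example.invalid:443 509
1140.7 api.example.invalid:443 700
1141.3 api.example.invalid:443 650
1150.1 telemetry.example.invalid:443 511
1300.0 telemetry.example.invalid:443 512
1310.4 cdn.example.invalid:443 120000
"""

def parse_flows(text):
    """Group connection timestamps by destination, skipping malformed lines."""
    flows = defaultdict(list)
    for line in text.splitlines():
        parts = line.split()
        try:
            ts, dest, _size = float(parts[0]), parts[1], int(parts[2])
        except (IndexError, ValueError):
            continue
        flows[dest].append(ts)
    return flows

def find_beacons(flows, period=30.0, tolerance=3.0, min_ratio=0.8, min_events=5):
    """Return destinations whose inter-connection gaps cluster around `period`."""
    hits = {}
    for dest, stamps in flows.items():
        if len(stamps) < min_events:
            continue
        stamps = sorted(stamps)
        gaps = [b - a for a, b in zip(stamps, stamps[1:])]
        # Ratio rather than mean: one long gap (sleep, network loss) should not hide a beacon.
        ratio = sum(abs(g - period) <= tolerance for g in gaps) / len(gaps)
        if ratio >= min_ratio:
            hits[dest] = (median(gaps), ratio)
    return hits
```

Calling `find_beacons(parse_flows(SAMPLE_LOG))` flags only the destination contacted on a steady 30-second cadence; the bursty interactive destination is not flagged even though its average gap is close to 30 seconds.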
Global Data Processing and Security Implications
ByteDance also actively utilizes Akamai’s global infrastructure, enabling efficient segmentation and processing of data worldwide. Researchers note that such complex telemetry systems are usually found in corporate products, but their presence in a free developer tool raises serious questions about privacy and security.
Risks for Developers and Intellectual Property
Unit 221B warns that tools like this, despite their appealing features and convenience, can pose significant risks—especially when it comes to confidential development and intellectual property. It is crucial to understand exactly how data is collected and transmitted, and to make informed decisions about using such technologies in professional workflows.
Wider Industry Trends and the Need for Vigilance
The researchers emphasize that this practice is not unique and reflects a widespread business model where companies offer free services in exchange for collecting user data for further analysis and use. Trae serves as a vivid example of how modern AI-based development tools can become advanced data collection systems, deserving special attention from information security professionals.
Unit 221B will continue to monitor the development of such solutions to promptly warn developers and organizations about potential threats and risks associated with new AI-based tools.