MuMu Player Pro for macOS collects system data every 30 minutes

MuMu Player Pro collects extensive system data

MuMu Player Pro for macOS, an Android emulator from Chinese tech giant NetEase, is collecting extensive system data from users' computers every 30 minutes. This undisclosed data harvesting includes a complete list of all running processes, installed applications, and devices on the local network.

The collection is tied to the Mac's hardware serial number via the Chinese analytics platform SensorsData. None of this data collection is disclosed in the emulator's privacy policy, and security experts confirm it is not necessary for the software's core function of running Android apps.

What the emulator collects automatically

While the emulator is running, it automatically executes a series of system commands every half hour. It saves the output to timestamped directories within the user's Library folder.

The collected data creates a comprehensive snapshot of the Mac's state. The commands run include:

• ifconfig -a and arp -a to map all devices on the local network
• ps aux to capture every running process with full command-line arguments
• system_profiler SPApplicationsDataType to inventory all installed applications
• cat /etc/hosts to read the system's hosts file
• sysctl -a to dump all kernel parameters

A manifest file logs the success or failure of each collection. On a single day of use, the emulator was observed running this routine 16 times, generating about 400KB of system data per collection.

Data is tied to your Mac's serial number

The collected data is not anonymous. Analytics files within the log directories show the information is linked to a persistent user identity.

A key file, sensorsanalytics-com.sensorsdata.identities.plist, contains the user's login ID, an anonymous ID, and most critically, the "$identity_mac_serial_id" which is the Mac's hardware serial number.

Other tracking files detail the player version, a unique player UUID, and the installation source. An 86KB analytics message queue file is maintained and sent to SensorsData servers.

Privacy policy fails to disclose collection

The MuMu Player Pro Privacy Policy makes no mention of this automated, comprehensive system profiling. It does not disclose that the software will:

• Enumerate all devices on a user's local network
• Log every running process with full arguments
• Inventory all installed applications
• Read system files like the hosts file
• Collect this data at 30-minute intervals while tied to the hardware serial number

The scale and specificity of the data—network topology, complete software inventory, and a timeline of process activity—constitutes a detailed behavioral and system fingerprint. For an Android emulator, this data has no clear functional purpose, representing a serious transparency failure.

How to check if you're affected

Users who have installed MuMu Player Pro for macOS can check for this data collection. Open the Terminal application and run the command:

ls ~/Library/Application\ Support/com.netease.mumu.nemux-global/logs/

If you see timestamped directories (like 20260220-071645), the collection has occurred. You can open any directory to view the files, which contain the exact commands executed and their full output.

The logs directory retains approximately 23 collection runs before rotating older data out. The discovery highlights the opaque data practices of some third-party software, particularly from firms operating under different regulatory environments.