Apple Mistakenly Approved a Widely Used Malware To Run on Macs
Published on September 01, 2020 at 12:12AM
Apple has some of the strictest rules to prevent malicious software from landing in its app store, even if on occasion a bad app slips through the net. But last year Apple took its toughest approach yet by requiring developers to submit their apps for security checks in order to run on millions of Macs unhindered. From a report: The process, which Apple calls "notarization," scans an app for security issues and malicious content. If approved, the Mac's in-built security screening software, Gatekeeper, allows the app to run. Apps that don't pass the security sniff test are denied, and are blocked from running. But security researchers say they have found the first Mac malware inadvertently notarized by Apple. Peter Dantini, working with Patrick Wardle, a well-known Mac security researcher, found a malware campaign disguised as an Adobe Flash installer. These campaigns are common and have been around for years -- even if Flash is rarely used these days -- and most run unnotarized code, which Macs block immediately when opened. But Dantini and Wardle found that one malicious Flash installer had code notarized by Apple and would run on Macs. Wardle confirmed that Apple had approved code used by the popular Shlayer malware, which security firm Kaspersky said is the "most common threat" that Macs faced in 2019.
Published on September 01, 2020 at 12:12AM
Apple has some of the strictest rules to prevent malicious software from landing in its app store, even if on occasion a bad app slips through the net. But last year Apple took its toughest approach yet by requiring developers to submit their apps for security checks in order to run on millions of Macs unhindered. From a report: The process, which Apple calls "notarization," scans an app for security issues and malicious content. If approved, the Mac's in-built security screening software, Gatekeeper, allows the app to run. Apps that don't pass the security sniff test are denied, and are blocked from running. But security researchers say they have found the first Mac malware inadvertently notarized by Apple. Peter Dantini, working with Patrick Wardle, a well-known Mac security researcher, found a malware campaign disguised as an Adobe Flash installer. These campaigns are common and have been around for years -- even if Flash is rarely used these days -- and most run unnotarized code, which Macs block immediately when opened. But Dantini and Wardle found that one malicious Flash installer had code notarized by Apple and would run on Macs. Wardle confirmed that Apple had approved code used by the popular Shlayer malware, which security firm Kaspersky said is the "most common threat" that Macs faced in 2019.
Read more of this story at Slashdot.
Comments
Post a Comment