Skip to main content

Apple mistakenly verified a macOS malware

A malware Mac package slipped past Apple’s verification process, a new report finds. As per security researcher, Patrick Wardle, Apple inadvertently approved a malicious desktop app that was disguised as an Adobe Flash installer to trick users.

Apple allows Mac users to install apps from sources outside of its own App Store. However, to ensure this policy doesn’t end up infesting Macs with viruses and malware, the company has a process called “notarization” that scans apps for security issues. Developers are required to submit their code prior to distribution for approval. If an app is unable to get past this verification stage, it is automatically blocked by Mac’s built-in screening program, Gatekeeper — irrespective of where it was downloaded from.

Wardle discovered that a popular malware called Shlayer, which security firm Kaspersky labeled as the most common threat that Macs faced in 2019, featured snippets of code that were officially notarized by Apple. Therefore, if someone downloaded and tried to run this on their Mac, they wouldn’t be alerted through any warnings. Shlayer is an adware that can intercept your web traffic and replace the webpages you try to load with its own malicious ads.

Apple’s review process couldn’t detect the malware and green-lighted it to run on all macOS versions, even Big Sur that is currently in beta.

“As far as I know, this is a first: malicious code gaining Apple’s notarization ‘stamp of approval’,” Wardle wrote in the blog post.

Since it was reported, Apple says it has patched and revoked the notarized payloads. Soon after that, however, the same group of attackers somehow released a new, notarized package — which Apple confirmed has been banned as well.

“Malicious software constantly changes, and Apple’s notarization system helps us keep malware off the Mac and allows us to respond quickly when it’s discovered,” Apple commented in a statement to Digital Trends. “Upon learning of this adware, we revoked the identified variant, disabled the developer account, and revoked the associated certificates. We thank the researchers for their assistance in keeping our users safe.”

Editors' Recommendations

Shubham Agarwal
Shubham Agarwal is a freelance technology journalist from Ahmedabad, India. His work has previously appeared in Firstpost…
Is macOS more secure than Windows? This malware report has the answer
A person using a laptop with a set of code seen on the display.

It’s a long-held belief that Macs are less at risk of malware and viruses than Windows PCs, but how true is that? Well, a new report has shed some light on the situation -- and the results might surprise you.

According to threat research firm Elastic Security Labs, roughly 39% of all malware infections happen on Windows PCs. In good news for Apple fans, only 6% of breaches occurred on macOS, making Mac systems far less vulnerable than their Windows counterparts.

Read more
Apple may be struggling with its next Mac chips — here’s why that matters
Apple's Tim Millet presents the Apple silicon A14 Bionic chip.

Apple’s chip manufacturer is “straining to meet demand” for the chips that will power future Macs, according to a report from EE Times. If these difficulties continue, it could have worrying implications for Apple with just months to go before the 3-nanometer M3 chip is set to debut.

TSMC is currently manufacturing Apple’s 3nm chips (which TSMC calls N3), and the EE Times report notes that TSMC’s “tool and yield struggles have impeded the ramp to volume production.” Aside from Samsung, TSMC is the only company that has the ability to make these chips, so any kind of delay could be of grave concern for Apple execs.

Read more
Please let this new OLED iMac rumor be true
A student types at a desk on a pink Apple iMac 24-inch M1 desktop computer.

Apple's been coy about the iMac these past few years. Sure, it has the M1 24-inch iMac, but it's gone on pretending the beloved 27-inch iMac never existed.

A new rumor gives some optimism for those of us hoping that Apple would someday revisit a larger, more powerful version of the iMac. The report doesn't come from one of the usual leakers, such as Ross Young or Mark Gurman -- so treat it with a healthy dose of skepticism. But I, for one, am excited about the prospect of this rumor being true.

Read more