Skip to main content

Beware — even Mac open-source apps can contain malware

Installing apps on a Mac is generally considered to be safer than doing so on Windows and open-source software is usually benign but there are exceptions to both of these assumptions that can do untold damage to your privacy and security.

A recent discovery by Trend Micro provides a startling example of this risk. An open-source app designed to help Mac owners with iPhone and iPad app signing has been altered to include a nasty hack that steals your Apple Keychain data. The original app is called ResignTool and it’s available for free on the popular open-source site, GitHub. The app is six years old and both the code and the ready-to-run app can be downloaded from GitHub. That isn’t the problem.

A pair of glasses rests on a desk in front of multiple computer monitors filled with code.
Image used with permission by copyright holder

The issue arises from how easy it is to access the code, make changes and upload elsewhere as if it’s the same app. Very little work has to be done by the hacker to deliver their malware under the guise of a genuinely good-intentioned app.

If you make the mistake of downloading the malware version of an open-source app, you might be handing over the keys to your Apple kingdom since your Mac automatically syncs passwords you’ve stored on your iPhone and iPad in the Keychain. Every app and every website login could be stolen, including passwords to financial apps and banking websites.

There are common-sense solutions to ease these concerns. Critically important apps and websites should have two-factor authentication enabled. If possible, get apps from the Mac App Store that have been tested to be safe. If you download from a website, make sure you know and trust the source. You also might want to find out if your Mac could benefit from antivirus protection.

Editors' Recommendations

Alan Truly
Computing Writer
Alan is a Computing Writer living in Nova Scotia, Canada. A tech-enthusiast since his youth, Alan stays current on what is…
This critical exploit could let hackers bypass your Mac’s defenses
A hacker typing on an Apple MacBook laptop while holding a phone. Both devices show code on their screens.

Microsoft has discovered a critical exploit in macOS that could grant hackers easy access to your Mac’s most important data. Dubbed ‘Migraine,’ it shows why it’s vital to update your Mac as soon as possible.

Migraine is so damaging because it can bypass Apple’s System Integrity Protection, or SIP for short. SIP is enabled by default on modern Macs and works by sandboxing sensitive parts of the computer from outside meddling. Only processes that are signed by Apple (or those with special privileges, like Apple installers) are allowed to alter something guarded by SIP.

Read more
This macOS concept fixes both the Touch Bar and Dynamic Island
Concept of macOS dynamic dock.

What if your macOS dock behaved more fluidly, dynamically morphing to show background processes such as download progress, media controls, text messages, and so on?

The following concepts demonstrate "what if" macOS and iOS Live Activities got together and had a child, and they have certainly got my imagination going.

Read more
Is macOS more secure than Windows? This malware report has the answer
A person using a laptop with a set of code seen on the display.

It’s a long-held belief that Macs are less at risk of malware and viruses than Windows PCs, but how true is that? Well, a new report has shed some light on the situation -- and the results might surprise you.

According to threat research firm Elastic Security Labs, roughly 39% of all malware infections happen on Windows PCs. In good news for Apple fans, only 6% of breaches occurred on macOS, making Mac systems far less vulnerable than their Windows counterparts.

Read more