Skip to main content
  1. Home
  2. Computing
  3. News

Beware — even Mac open-source apps can contain malware

By

Installing apps on a Mac is generally considered to be safer than doing so on Windows and open-source software is usually benign but there are exceptions to both of these assumptions that can do untold damage to your privacy and security.

A recent discovery by Trend Micro provides a startling example of this risk. An open-source app designed to help Mac owners with iPhone and iPad app signing has been altered to include a nasty hack that steals your Apple Keychain data. The original app is called ResignTool and it’s available for free on the popular open-source site, GitHub. The app is six years old and both the code and the ready-to-run app can be downloaded from GitHub. That isn’t the problem.

A pair of glasses rests on a desk in front of multiple computer monitors filled with code.
Image used with permission by copyright holder

The issue arises from how easy it is to access the code, make changes and upload elsewhere as if it’s the same app. Very little work has to be done by the hacker to deliver their malware under the guise of a genuinely good-intentioned app.

Recommended Videos

If you make the mistake of downloading the malware version of an open-source app, you might be handing over the keys to your Apple kingdom since your Mac automatically syncs passwords you’ve stored on your iPhone and iPad in the Keychain. Every app and every website login could be stolen, including passwords to financial apps and banking websites.

There are common-sense solutions to ease these concerns. Critically important apps and websites should have two-factor authentication enabled. If possible, get apps from the Mac App Store that have been tested to be safe. If you download from a website, make sure you know and trust the source. You also might want to find out if your Mac could benefit from antivirus protection.

Editors’ Recommendations

Topics
Alan Truly
Alan Truly
Computing Writer
Alan is a Computing Writer living in Nova Scotia, Canada. A tech-enthusiast since his youth, Alan stays current on what is…
The MacBook notch has been redeemed
An Apple MacBook laptop with the macOS Ventura background wallpaper and the notch seen at the top of the display.

I’m still chugging along on an iPhone 12 Pro, which means I don’t get much hands-on time with the Dynamic Island on a day-to-day basis. Or at least I didn’t, that is, until I discovered a little app called NotchNook. But instead of bringing Apple’s pill-shaped notch utility to my iPhone, it instead lives on my Mac. And it has the potential to change how I use my Apple computers for good.

I’m not the only one at Digital Trends who is intrigued by NotchNook -- my colleague appreciated the concept when annoucned, too -- and the idea for the app is pretty simple. Hover your mouse pointer over your MacBook’s notch and you’ll see it expand slightly. Click the notch or do a two-finger swipe downward and the notch expands further, revealing a black box (the “nook”) containing controls for various apps and tasks.

Read more
This new app just fixed the MacBook notch, and I love it
NotchNook app for MacBooks.

NotchNook is a new app that takes your useless old MacBook notch and transforms it into an expanding utility tab -- a Dynamic Island, if you will. The notches on iPhone and MacBook screens always have and always will be controversial, but until Apple gives us a better option, we might as well make the most of it.

And that is clearly the aim of this app -- after all, why should the iPhones be the only one with a Dynamic Island? You can even make use of this app if you don't have a notch on your MacBook, in which case you can make the "notch" tab much smaller if you want to.

Read more
I’ve been using the first macOS Sequoia public beta. Here’s my take on it so far
The iPhone Mirroring feature from macOS Sequoia being demonstrated at the Worldwide Developers Conference (WWDC) 2024.

Apple today launched the macOS Sequoia public beta, opening the doors to app developers, bug hunters, and curious users alike. With the full release not expected until much later this year, it’s a good opportunity to get a sneak peek at what Apple has in store for us.

Or at least, a sneak peek at most of what’s planned. Despite being packed with features, macOS Sequoia is missing the headline-grabbing Apple Intelligence feature, at least for the time being. Without that, is it still worth downloading and installing the public beta?

Read more