Skip to main content

Beware — even Mac open-source apps can contain malware

Installing apps on a Mac is generally considered to be safer than doing so on Windows and open-source software is usually benign but there are exceptions to both of these assumptions that can do untold damage to your privacy and security.

A recent discovery by Trend Micro provides a startling example of this risk. An open-source app designed to help Mac owners with iPhone and iPad app signing has been altered to include a nasty hack that steals your Apple Keychain data. The original app is called ResignTool and it’s available for free on the popular open-source site, GitHub. The app is six years old and both the code and the ready-to-run app can be downloaded from GitHub. That isn’t the problem.

A pair of glasses rests on a desk in front of multiple computer monitors filled with code.
Image used with permission by copyright holder

The issue arises from how easy it is to access the code, make changes and upload elsewhere as if it’s the same app. Very little work has to be done by the hacker to deliver their malware under the guise of a genuinely good-intentioned app.

If you make the mistake of downloading the malware version of an open-source app, you might be handing over the keys to your Apple kingdom since your Mac automatically syncs passwords you’ve stored on your iPhone and iPad in the Keychain. Every app and every website login could be stolen, including passwords to financial apps and banking websites.

There are common-sense solutions to ease these concerns. Critically important apps and websites should have two-factor authentication enabled. If possible, get apps from the Mac App Store that have been tested to be safe. If you download from a website, make sure you know and trust the source. You also might want to find out if your Mac could benefit from antivirus protection.

Editors' Recommendations

Alan Truly
Computing Writer
Alan is a Computing Writer living in Nova Scotia, Canada. A tech-enthusiast since his youth, Alan stays current on what is…
These are the 10 settings I always change on a new Mac
A MacBook Air on a desk with an open book in front of it.

Every time I buy a new Mac, there are a bunch of settings I change to improve the macOS experience. Some are quick tweaks that solve minor annoyances, while others are vital changes that make my Mac safer, faster, or just plain better.

I recently wrote about a few key settings to change in macOS Sonoma, but the ones contained in the article you’re perusing now aren’t just for Apple’s latest operating system. Whether you’re running an earlier version of macOS or are reading this long after Sonoma has become old news, there are plenty of macOS settings you can adjust to get more from your Mac.
Turn on FileVault

Read more
This simple app changed how I use my Mac forever
The Paste Mac app, with its clipboard bar open and the Paste homepage in Safari.

Every time I sit down and use my Mac, I’m reminded that it’s full of advanced features and clever extras. Yet there’s one place that absolutely does not apply: the clipboard. Copying and pasting in 2023 feels like it’s stuck in the past with no prospect of salvation.

At least, it did feel that way until I came across an app called Paste. This superb utility has taken a knife to copying and pasting and made it… fun? I never thought I’d say that about such a mundane task, but here we are -- it’s true.
Stacked with features

Read more
7 key settings in macOS Sonoma you should change right now
A MacBook Pro running macOS Sonoma at Apple's Worldwide Developers Conference (WWDC) in June 2023.

Apple’s macOS Sonoma came loaded with a bunch of great new features, including desktop widgets, video screen savers, and more. With plenty of them, you just need to sit back and enjoy them, without much action required on your part. But that’s not always the case.

Sometimes, you’ll have to change a few settings to enable a new feature. Other times, you might want to disable something that is switched on by default. Either way, it’s often worth diving into macOS Sonoma’s settings to get things how you want them.

Read more