Skip to main content

Beware — even Mac open-source apps can contain malware

Installing apps on a Mac is generally considered to be safer than doing so on Windows and open-source software is usually benign but there are exceptions to both of these assumptions that can do untold damage to your privacy and security.

A recent discovery by Trend Micro provides a startling example of this risk. An open-source app designed to help Mac owners with iPhone and iPad app signing has been altered to include a nasty hack that steals your Apple Keychain data. The original app is called ResignTool and it’s available for free on the popular open-source site, GitHub. The app is six years old and both the code and the ready-to-run app can be downloaded from GitHub. That isn’t the problem.

A pair of glasses rests on a desk in front of multiple computer monitors filled with code.

The issue arises from how easy it is to access the code, make changes and upload elsewhere as if it’s the same app. Very little work has to be done by the hacker to deliver their malware under the guise of a genuinely good-intentioned app.

If you make the mistake of downloading the malware version of an open-source app, you might be handing over the keys to your Apple kingdom since your Mac automatically syncs passwords you’ve stored on your iPhone and iPad in the Keychain. Every app and every website login could be stolen, including passwords to financial apps and banking websites.

There are common-sense solutions to ease these concerns. Critically important apps and websites should have two-factor authentication enabled. If possible, get apps from the Mac App Store that have been tested to be safe. If you download from a website, make sure you know and trust the source. You also might want to find out if your Mac could benefit from antivirus protection.

Editors' Recommendations

4 Windows 11 accessibility features that make it easier for everyone to use
Person using Windows 11 laptop on their lap by the window.

Windows 11 feature some big updates for Microsoft's storied operating system visually, but it has made big strides in accessibility as well. Live Captions, updates to the Narrator, and even full voice access might make Windows 11 the most accessible OS Microsoft has ever released.

Regardless of it you need accessibility features to navigate Windows 11 or if you just want to make getting around a little easier, we tried out a slew of features to bring you our favorites. If you want to browse the full list, you can find it by opening the Settings app in Windows 11 and selecting the Accessibility tab.
Live captions

Read more
Microsoft Edge opens AI-upscaled video to AMD graphics cards
The Microsoft Edge browser is open on a Surface Book 2 in tablet mode.

Microsoft is rolling out a new super resolution for its Edge browser, but unlike Nvidia's recently announced RTX Video Super Resolution, Microsoft's take works with AMD graphics cards.

Edge is taking the same name. Video Super Resolution (VSR) leverages AI to upscale videos directly in your browser. Microsoft's announcement reads, "It accomplishes this by removing blocky compression artifacts and upscaling video resolution so you can enjoy crisp and clear videos on YouTube and other streaming platforms that play video content without sacrificing bandwidth."

Read more
The most common Slack issues and how to fix them
Slack NYSE

Even if you know all the best Slack tips, you can still run into Slack issues. If you work from home, or if Slack just happens to be the best way to communicate with your co-workers, then you know how important it is for the app to run smoothly.

But in the event it doesn't, we've got your back. In this guide, we're taking a look at five of the most common Slack issues and show you how to fix them so you can get your workday up and running again.
Trouble connecting to Slack

Read more