Skip to main content

Apple mistakenly approved a widely-used malware to run on Macs

Apple has some of the strictest rules to prevent malicious software from landing in its app store, even if on occasion a bad app slips through the net. But last year Apple took its toughest approach yet by requiring developers to submit their apps for security checks in order to run on millions of Macs unhindered.

The process, which Apple calls “notarization,” scans an app for security issues and malicious content. If approved, the Mac’s in-built security screening software, Gatekeeper, allows the app to run. Apps that don’t pass the security sniff test are denied, and are blocked from running.

But security researchers say they have found the first Mac malware inadvertently notarized by Apple.

Peter Dantini working with Patrick Wardle, a well-known Mac security researcher, found a malware campaign disguised as an Adobe Flash installer. These campaigns are common and have been around for years — even if Flash is rarely used these days — and most run unnotarized code, which Macs block immediately when opened.

But Dantini and Wardle found that one malicious Flash installer had code notarized by Apple and would run on Macs.

The malicious installer was notarized by Apple, and could be run on the latest versions of macOS. (Image: Patrick Wardle/supplied)

Wardle confirmed that Apple had approved code used by the popular Shlayer malware, which security firm Kaspersky said is the “most common threat” that Macs faced in 2019. Shlayer is a kind of adware that intercepts encrypted web traffic — even from HTTPS-enabled sites — and replaces websites and search results with its own ads, making fraudulent ad money for the operators.

“As far as I know, this is a first,” Wardle wrote in a blog post, shared with TechCrunch.

Wardle said that means Apple did not detect the malicious code when it was submitted and approved it to run on Macs — even on the unreleased beta version of macOS Big Sur, expected out later this year.

Apple revoked the notarized payloads after Wardle reached out, preventing the malware from running on Macs in the future.

In a statement, a spokesperson for Apple told TechCrunch: “Malicious software constantly changes, and Apple’s notarization system helps us keep malware off the Mac and allow us to respond quickly when it’s discovered. Upon learning of this adware, we revoked the identified variant, disabled the developer account, and revoked the associated certificates. We thank the researchers for their assistance in keeping our users safe.”

But Wardle said that the attackers were back soon after with a new, notarized payload, able to circumvent the Mac’s security all over again.

Apple macOS security protections can easily bypassed with ‘synthetic’ clicks, researcher finds



from TechCrunch https://ift.tt/3lCeJ35
via IFTTT
Labels:

Comments

Post a Comment

Popular posts from this blog

Apple’s AI Push: Everything We Know About Apple Intelligence So Far

Apple’s WWDC 2025 confirmed what many suspected: Apple is finally making a serious leap into artificial intelligence. Dubbed “Apple Intelligence,” the suite of AI-powered tools, enhancements, and integrations marks the company’s biggest software evolution in a decade. But unlike competitors racing to plug AI into everything, Apple is taking a slower, more deliberate approach — one rooted in privacy, on-device processing, and ecosystem synergy. If you’re wondering what Apple Intelligence actually is, how it works, and what it means for your iPhone, iPad, or Mac, you’re in the right place. This article breaks it all down.   What Is Apple Intelligence? Let’s get the terminology clear first. Apple Intelligence isn’t a product — it’s a platform. It’s not just a chatbot. It’s a system-wide integration of generative AI, machine learning, and personal context awareness, embedded across Apple’s OS platforms. Think of it as a foundational AI layer stitched into iOS 18, iPadOS 18, and m...
Post a Comment
Read more

The Silent Revolution of On-Device AI: Why the Cloud Is No Longer King

Introduction For years, artificial intelligence has meant one thing: the cloud. Whether you’re asking ChatGPT a question, editing a photo with AI tools, or getting recommendations on Netflix — those decisions happen on distant servers, not your device. But that’s changing. Thanks to major advances in silicon, model compression, and memory architecture, AI is quietly migrating from giant data centres to the palm of your hand. Your phone, your laptop, your smartwatch — all are becoming AI engines in their own right. It’s a shift that redefines not just how AI works, but who controls it, how private it is, and what it can do for you. This article explores the rise of on-device AI — how it works, why it matters, and why the cloud’s days as the centre of the AI universe might be numbered. What Is On-Device AI? On-device AI refers to machine learning models that run locally on your smartphone, tablet, laptop, or edge device — without needing constant access to the cloud. In practi...
1 comment
Read more

Max Q: Psyche(d)

In this issue: SpaceX launches NASA asteroid mission, news from Relativity Space and more. © 2023 TechCrunch. All rights reserved. For personal use only. from TechCrunch https://ift.tt/h6Kjrde via IFTTT
Post a Comment
Read more