Apple accidentally gave approval to a well-known malware to run on Macintosh computers, a security researcher recently found…
Developers know Apple as one of the toughest, most strict companies when it comes to software approval for its App Store. In fact, the tech giant doubled down on its commitment to security last year by requiring devs to submit their apps for a full check before being allowed to run on millions of Macs. Apple calls this process “notarization,” which scans candidate apps for any possible security issues and malicious content. But, it isn’t foolproof, as a recent example demonstrates.
Apple Accidentally Approved a Widely-Used Malware to Run on Macs
Patrick Wardle, a well-known Mac security researcher, and Peter Dantini recently discovered a malware campaign that was disguised as an Adobe Flash installer. The malicious code, known as Shlayer malware, is a type of adware. It works by intercepting web traffic and websites and search results, removing legitimate ads, then replaces them with its own, resulting in generating ad money from fake advertising campaigns.
The malicious software wasn’t detected by Apple when the company ran it through its notarization process. However, after finding and reporting it, Apple revoked the notarized payloads, protecting Macs from the threat. A spokesperson for Apple tells TechCrunch:
“Malicious software constantly changes, and Apple’s notarization system helps us keep malware off the Mac and allow us to respond quickly when it’s discovered. Upon learning of this adware, we revoked the identified variant, disabled the developer account, and revoked the associated certificates. We thank the researchers for their assistance in keeping our users safe.”