Security researchers say they’ve found the first Mac malware inadvertently notarized by Apple, reports TechCrunch.
According to Apple, notarization gives users more confidence that the Developer ID-signed software you distribute has been checked by the company for malicious components. The Apple notary service is an automated system that scans software for malicious content, checks for code-signing issues, and returns the results to developers. If there are no issues, the notary service generates a ticket for the developer to staple to the software.
However, Peter Dantini working with Mac security researcher found a malware campaign disguised as an Adobe Flash installer. These campaigns are common and have been around for years — even though Flash is rarely used these days — and most run un-notarized code, which Macs block immediately when opened, notes TechCrunch.
However, Dantini and Wardle found that one malicious Flash installer had code notarized by Apple and would run on Macs. Apple revoked the notarized payloads after Wardle reached out, preventing the malware from running on Macs in the future.
In a statement, a spokesperson for Apple told TechCrunch: “Malicious software constantly changes, and Apple’s notarization system helps us keep malware off the Mac and allow us to respond quickly when it’s discovered. Upon learning of this adware, we revoked the identified variant, disabled the developer account, and revoked the associated certificates. We thank the researchers for their assistance in keeping our users safe.”
However, Wardle said that the attackers were back soon after with a new, notarized payload, able to circumvent the Mac’s security yet again.
The start of the civil trial over who is responsible for the deaths and injuries…
iPad sales are expected to grow by double digits this year.
The global smartphone market grew by 6% year-over-year (YoY) to reach 296.9 million unit shipments…
Slight Change of Sawblades +, Dicey Sungeons +, and Summer Pop + are now available…
Don’t look for a new standard iPad or updated iPad mini at next week’s “Let…
Season three of “Acapulco” is now streaming on Apple TV+.