Apple accidentally approved malware to run on Macs, fixed later
San Francisco: Apple has fixed a lapse in which malware disguised as an update for Adobe Flash Player slipped through its toughest security screening software and got approved for its Mac desktops.
Mac security researchers Peter Dantini and Patrick Wardle found a common malware campaign disguised as an Adobe Flash installer.
Wardle said that Apple approved the popular Shlayer malware, disguised as an Adobe Flash installer.
According to cybersecurity firm Kaspersky, the malware is the “most common threat” that Macs faced in 2019, reports TechCrunch.
The malware passed through a strict Apple process called “notarisation”, which scans an app for security issues.
Once the app was approved, the Mac’s built-in security screening software, called “Gatekeeper”, allowed it to run.
“As far as I know, this is a first,” Wardle said. It means Apple did not detect the malicious code when it was submitted and approved it to run on Macs.
An Apple spokesperson told TechCrunch: “Malicious software constantly changes, and Apple’s notarization system helps us keep malware off the Mac and allow us to respond quickly when it’s discovered.
“Upon learning of this adware, we revoked the identified variant, disabled the developer account, and revoked the associated certificates. We thank the researchers for their assistance in keeping our users safe”.
The cybercriminals were, however, back with a new ‘notarised’ payload that was again blocked by Apple.
For close to two years, the Shlayer Trojan has been the most common threat on the macOS platform.