A Malware App “Fooled” Apple and Got Past the App Store’s Security!
We all know that Apple and macOS are known for their cybersecurity. The popular belief is that most of the malware and viruses built to attack Windows PCs can’t affect Macs, but after the recent turn of events this statement is no longer true. Cybersecurity firm Kaspersky shed some light on the huge rise of malware that can attack both Windows and macOS at the same time.
The Verge quoted a report claiming that Apple approved a common piece of malware that mostly spreads as an Adobe Flash Player update. Apple failed to identify it, took it for a legitimate app, and allowed all Apple users to download and run it despite having a “notarization” check in place.
Notarization is a process that checks the authenticity of an app before it is distributed to Mac users in the App Store. Apple introduced notarization in macOS 10.15, aka Catalina. In other words, it gives Mac users a sense of comfort: if they can download and install an app from the App Store, then it is legit and they need not worry.
But the developer managed to bypass notarization by hiding a Shlayer trojan that looks like an Adobe Flash Player update, and Apple approved it not just once: this was the second time it happened.
Apple security researcher Patrick Wardle notified the company about the malware, after which it managed to track and block the developer account, but this is the second event where Apple let the same harmful app get distributed to all its users.
“As noted, Apple quickly revoked the Developer’s code-signing certificate that was introducing malicious payloads in the Apple app store. This occurred on Friday, Aug. 28th. Interestingly as of Sunday (Aug 30th), the adware campaign was still live and serving up new payloads. Unfortunately, these new payloads are notarized,” said Wardle, as per Forbes.
Wardle notes that the malware is allowed to run even on macOS Big Sur. The issue is that notarized malware tells the Mac user that it is safe to use, which is not true, and what’s more worrying is that the malware managed to get notarized in the first place. This event might shake Apple users into believing that the devices they have been using are no longer safe.