Published in News

Apple approved malware to run within its walled garden

by on01 September 2020


For Jobs beheld the serpent and saw that it was good

While the Tame Apple Press likes to bang on how secure Apple’s walled garden of delights is, it turns out that Jobs’s Mob gave high security clearance to a lump of malware.

Last year Apple took its toughest approach yet by requiring developers to submit their apps for security checks in order to run on millions of Macs unhindered.

The process, which Apple calls "notarisation", scans an app for security issues and malicious content. If approved, the Mac's in-built security screening software, Gatekeeper, allows the app to run.

However Peter Dantini, working with Patrick Wardle, a well-known Mac security researcher, found a malware campaign disguised as an Adobe Flash installer. These campaigns were common and have been around for years -- even if Flash is rarely used these days -- and most run unnotarised code, which Macs block immediately when opened.

Dantini and Wardle found that one malicious Flash installer had code notarised by Apple and would run on Macs. Wardle confirmed that Apple had approved code used by the popular Shlayer malware, which security firm Kaspersky said is the "most common threat" that Macs faced in 2019.

 

Last modified on 01 September 2020
Rate this item
(0 votes)

Read more about: