
Technologous - Managed IT Solutions Bryan/College Station


Malware Maker Gets Past Apple Security


Apple has historically been very good at keeping malware out of its App Store and at continually improving its security protocols. Since February 2020, Apple notarizes all Mac software distributed outside of its Mac App Store. Developers must demonstrate that their products can run on macOS Catalina and do not allow malware to get past Apple's security. However, a malware maker has gotten past Apple's security.

macOS software goes through a multi-stage approval process, with automation as the first step. The automated system scans software for code-signing issues and malicious components. Assuming the submitted code passes through this security checkpoint, the apps are put on the macOS Gatekeeper list, signifying that the apps don't pose a security risk.

Security Risks

While this process gives users greater peace of mind, it's not bulletproof, as college student Peter Dantini recently discovered. He found notarized Shlayer adware installers being distributed through a variety of fake websites. These installers could run on any machine using macOS Catalina without being auto-blocked when they tried to launch.

The worst part about this is that since these installers bear Apple’s “seal of approval,” users are bound to trust them without question, which means that the malware developers’ payloads can spread like wildfire through the Apple ecosystem.

Legendary security researcher Patrick Wardle confirmed all of the above and reported it directly to Apple. Apple took Mr. Wardle's reports seriously and immediately revoked those certificates, so Gatekeeper will now automatically block any installation attempts.

Unfortunately, it appears that the Shlayer campaign is still ongoing; the hackers have shifted gears and are now serving new payloads, notarized on the same day that Apple revoked the initial sample's certificates. Still, a malware maker gets past Apple's security.

As Patrick Wardle notes: “Both the old and ‘new’ payload(s) appears to be nearly identical, containing ‘OSX.Shlayer’ packaged with the Bundlore adware. However, the attackers’ ability to agilely continue their attack (with other notarized payloads) is noteworthy.

Clearly, in the never-ending cat & mouse game between the attackers and Apple, the attackers are currently (still) winning.”

Indeed. Best of luck to Apple, and if you're a Mac user, stay safe out there.
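
For administrators, the point above that a notarized installer is not automatically a safe one can be turned into a simple triage rule. The following is an added example, not part of the original post: it parses output in the format printed by `spctl --assess -vv` and holds any Gatekeeper-accepted app whose Team ID is not on an organization-maintained list. The sample output, paths, developer names, Team IDs and the approved list are all constructed assumptions.

```python
import re

# Constructed sample of `spctl --assess -vv` output for three downloads
# (paths, developer names and Team IDs are made up for illustration).
SAMPLE = """\
/Users/a/Downloads/Player.app: accepted
source=Notarized Developer ID
origin=Developer ID Application: Example Media LLC (AAAAAAAAAA)
/Users/a/Downloads/Editor.app: accepted
source=Notarized Developer ID
origin=Developer ID Application: Known Vendor Inc (KV12345678)
/Users/a/Downloads/Tool.app: rejected
source=Unnotarized Developer ID
origin=Developer ID Application: Other Dev (ZZ98765432)
"""

# Assumption: the organization keeps its own list of vetted Team IDs.
APPROVED_TEAM_IDS = {"KV12345678"}

HEADER = re.compile(r"^(?P<path>/.*): (?P<verdict>accepted|rejected)$")
TEAM = re.compile(r"\((?P<team>[A-Z0-9]{10})\)\s*$")

def parse_assessments(text):
    """Group spctl output into one record per assessed path."""
    records, current = [], None
    for line in text.splitlines():
        m = HEADER.match(line)
        if m:
            current = {"path": m["path"], "verdict": m["verdict"],
                       "source": None, "team": None}
            records.append(current)
        elif current and line.startswith("source="):
            current["source"] = line.split("=", 1)[1]
        elif current and line.startswith("origin="):
            t = TEAM.search(line)
            current["team"] = t["team"] if t else None
    return records

def triage(record, approved=APPROVED_TEAM_IDS):
    """Notarization is required here, but is never sufficient on its own."""
    if record["verdict"] != "accepted" or record["source"] != "Notarized Developer ID":
        return "block"
    if record["team"] not in approved:
        return "review"  # Gatekeeper would allow it; local policy still holds it
    return "allow"

if __name__ == "__main__":
    for rec in parse_assessments(SAMPLE):
        print(triage(rec), rec["path"], rec["team"])
```

The first sample entry is the case the article describes: Gatekeeper accepts it as notarized, yet the policy sends it to review because its signer is unknown to the organization.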

September 9, 2020 Filed Under: Blog Tagged With: Apple ecosystem, Apple Malware, Apple Security, Mac App Store, macOS Gatekeeper list
