- Joined
- Jun 13, 2020
- Messages
- 7,515
- Reaction score
- 916
- Points
- 212
- Awards
- 2
The programs were disguised as Adobe Flash Player installers.
Malware developers managed to bypass Apple's app notarization process for the second time in six weeks.
Apple requires app developers to submit programs for notarization, which automatically checks them for security issues and malicious code. Scanned applications are “notarized” and whitelisted inside Apple's GateKeeper security service.
Once added to the GateKeeper whitelist, notarized applications can be opened and installed with a simple click without any warnings or pop-ups.
Security researcher Joshua Long of Intego has discovered six new applications that have gone through the notarization process. The programs were disguised as Adobe Flash Player installers. Once the applications are installed on the system, they download and install the OSX / MacOffers adware (also known as MaxOfferDeal).
The new malware uses a technique called steganography to hide the malicious payload in a separate JPEG image file. According to experts, this is how the malware was able to bypass Apple's notarization process.
This is the second time in the past six weeks that malware developers have managed to trick Apple's security systems. At the end of August this year, the company accidentally allowed the Shlayer malware to run on macOS. The malicious software was disguised as an update for the Adobe Flash Player and passed the necessary verification.
Malware developers managed to bypass Apple's app notarization process for the second time in six weeks.
Apple requires app developers to submit programs for notarization, which automatically checks them for security issues and malicious code. Scanned applications are “notarized” and whitelisted inside Apple's GateKeeper security service.
Once added to the GateKeeper whitelist, notarized applications can be opened and installed with a simple click without any warnings or pop-ups.
Security researcher Joshua Long of Intego has discovered six new applications that have gone through the notarization process. The programs were disguised as Adobe Flash Player installers. Once the applications are installed on the system, they download and install the OSX / MacOffers adware (also known as MaxOfferDeal).
The new malware uses a technique called steganography to hide the malicious payload in a separate JPEG image file. According to experts, this is how the malware was able to bypass Apple's notarization process.
This is the second time in the past six weeks that malware developers have managed to trick Apple's security systems. At the end of August this year, the company accidentally allowed the Shlayer malware to run on macOS. The malicious software was disguised as an update for the Adobe Flash Player and passed the necessary verification.
