Security researchers find Mac malware accidentally notarized by Apple — Apple World Today

[ad_1]

However, Peter Dantini working with Mac security researcher found a malware campaign disguised as an Adobe Flash installer. These campaigns are common and have been around for years — even though Flash is rarely used these days — and most run un-notarized code, which Macs block immediately when opened, notes TechCrunch.

However, Dantini and Wardle found that one malicious Flash installer had code notarized by Apple and would run on Macs. Apple revoked the notarized payloads after Wardle reached out, preventing the malware from running on Macs in the future.

In a statement, a spokesperson for Apple told TechCrunch: “Malicious software constantly changes, and Apple’s notarization system helps us keep malware off the Mac and allow us to respond quickly when it’s discovered. Upon learning of this adware, we revoked the identified variant, disabled the developer account, and revoked the associated certificates. We thank the researchers for their assistance in keeping our users safe.”

However, Wardle said that the attackers were back soon after with a new, notarized payload, able to circumvent the Mac’s security yet again.



[ad_2]

Source link