Apple approved nasty Shlayer malware that mimicked Adobe Flash Player update for macOS.
Security researcher Patrick Wardle reports that Apple accidentally approved an app for its macOS that contained what Kaspersky regarded as the biggest threat to Macs in 2019, a trojan downloader called Shlayer. It has the capability of spreading via fake applications and bombards the device with adware.
macOS is considered a secure operating system when compared to Windows. However, lately, the number of malware campaigns targeting macOS increased considerably, prompting Apple to mitigate the threat through notarization.
See: Hackers manipulating Google searches to spread nasty Mac malware
Apple introduced notarization in macOS 10.15 (Catalina) to make it mandatory for every app to be evaluated by Apple and signed by a developer before it runs on macOS, even if it is distributed outside of the App Store.
It seems like some adware can bypass this process as well which reminds us of Google Play Store and how its Play Protect fails to identify malware every now and then. On the other hand, macOS blocks all Non-notarized software which Wardle believes was a promising idea that went wrong.
“With the goal of stymieing the influx of malicious code targeting macOS, notarization seemed like a promising idea. Sadly, not all promises are kept,” Wardle said in a blog post.
Acco ..
Support the originator by clicking the read the rest link below.
