Apple-approved malware has arrived, leading experts to wonder if more is on the way.
In a blog post, Patrick Wardle, Principal Security Researcher at Jamf, said malicious adware accidentally notarized by Apple has been discovered. Wardle found the malware along with Peter Dantini.
The idea behind notarization is to allow Apple to block malicious content, Wardle wrote, adding that Apple’s macOS operating system had been a safe space relatively free of the viruses that have plagued Windows users.
“The idea was that malicious code would of course, not be notarized and thus the majority [of] attacks targeting macOS users (adware campaigns, etc) would be thwarted,” Wardle wrote.
The bad code is linked to Shlayer malware, one of the most common threats for Macs. It often appears as a fake Adobe Flash Player installer and, in some cases, generates its own fake search engine to display unwanted adware.
But more of this could be on the way.
“Since the Apple system was proven to be rather trivial to ‘trick,’ we’re likely going to see more of this in the near future,” Wardle told Fox News.
“Of course the hope is Apple uses this as a learning experience and improves their system to detect malicious code that is trying to (ab)use it to gain notarization approval,” he added.
The news was first reported by TechCrunch.
After the notarized payloads were reported, Apple revoked their notarization status, Wardle explained.
Fox News has reached out to Apple for comment.
It wasn’t long ago that Apple’s Mac platform was considered the safe alternative to Windows. That’s not the case anymore, according to Malwarebytes.
In a report published in February, Malwarebytes said threats to Mac computers were up more than 400% in 2019 from 2018.
“This is likely because, with increasing market share in 2019, Macs became more attractive targets to cybercriminals,” the report stated.
The problem is, Apple hasn’t cracked down on adware and so-called potentially unwanted programs (PUPs) as much as it has on other kinds of undesirable software, “leaving the door open for these borderline programs to infiltrate,” the report said.
“Apple has long been outspoken and a leader in promoting the notion of security for its ecosystem,” Brandon Hoffman, Chief Information Security Officer at San Jose, Calif.-based Netenrich, told Fox News.
“Having an application notarized by Apple that includes a malicious payload is a significant blow,” he said, adding that many people flock to Apple because of the strict requirements for securing apps that run on Apple hardware.
“Apple needs to address this with the strong leadership position they have always taken and provide significant assurances around their program before it has a domino effect,” Hoffman explained.