Apple has a solid reputation in the cybersecurity space and in recent times, it has increased emphasis on its privacy-centric operating systems. iOS has a host of features that let you monitor and control app data collection while macOS is generally known to be virus-immune.
In recent years, macOS has come under increasing attack via ransomware and adware. To protect users, Apple announced a new process called “notarizing.” It basically scans the software for security issues and malicious content. The software can run on macOS only if it has cleared notarization.
However, Peter Dantini, who works with well-known Mac security researcher Patrick Wardle, has discovered a malicious program that’s disguised as an Adobe Flash installer. The malware was accidentally notarized by Apple and officially made its way into the Mac ecosystem.
Also called the “Shlayer” adware, it could affect as many as one in 10 macOS devices. Wardle has confirmed that Apple approved the code and it can run on the unreleased Beta version of macOS Big Sur.
Keep in mind, the program does not steal your data or set up a backdoor entry. It’s essentially an adware program that generates a lot of annoying ads. It isn’t clear how the program was able to get past Apple’s notarization, but this is the first case of malware directly getting approved.
“Malicious software constantly changes, and Apple’s notarization system helps us keep malware off the Mac and allow us to respond quickly when it’s discovered,” Apple said in a statement. “Upon learning of this adware, we revoked the identified variant, disabled the developer account, and revoked the associated certificates. We thank the researchers for their assistance in keeping our users safe.”