How Apple Mistakenly Authorized Malware

Apple mistakenly allowed malware on macOS – Geeko

In February 2020, Apple implemented a new system to validate new software on macOS: a fully automated process that analyzes the source code of software to make sure it is secure. Unfortunately, this automated process showed its weaknesses a few weeks ago, and not for the first time.

Researcher Matt Muir recently discovered that Apple had notarized (that is, validated) a malicious application on macOS. The application posed as an Adobe Flash Player installer but actually concealed malware. To cover their tracks, the authors of the malicious installer hid the malware code in a JPEG image, thus fooling Apple's security system. This is a fairly widespread technique, known as steganography.
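A defender-side check for one form of this, as an added example that is not from the original article: it walks a JPEG's marker segments to find where the image really ends and reports any bytes stored after the end-of-image marker. The article does not say how the code was embedded, so the appended-data layout, the function names and the sample bytes are assumptions; data hidden inside metadata segments or pixel values would not be flagged.

```python
import math
from collections import Counter

STANDALONE = {0x01, *range(0xD0, 0xD8)}   # TEM, RST0-7: markers with no length field
MAGIC = {b"\xcf\xfa\xed\xfe": "Mach-O 64-bit", b"\xca\xfe\xba\xbe": "Mach-O universal",
         b"PK\x03\x04": "ZIP archive", b"#!": "script"}

def jpeg_end_offset(data: bytes) -> int:
    """Walk the marker segments from SOI and return the offset just past EOI."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG (missing SOI)")
    pos = 2
    while pos + 1 < len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected a marker at offset {pos}")
        marker = data[pos + 1]
        if marker == 0xFF:                 # fill byte in front of a marker
            pos += 1
            continue
        pos += 2
        if marker == 0xD9:                 # EOI: the image ends here
            return pos
        if marker in STANDALONE:
            continue
        length = int.from_bytes(data[pos:pos + 2], "big")
        if length < 2:
            raise ValueError("truncated or malformed segment")
        pos += length                      # skips APPn data, including embedded thumbnails
        if marker == 0xDA:                 # SOS: entropy-coded scan data follows the header
            while pos + 1 < len(data) and not (
                    data[pos] == 0xFF and data[pos + 1] not in (0x00, 0xFF)
                    and not 0xD0 <= data[pos + 1] <= 0xD7):
                pos += 1                   # FF00 is a stuffed byte, FFD0-D7 are restarts
    raise ValueError("truncated JPEG (no EOI)")

def entropy(buf: bytes) -> float:
    n = len(buf)
    return sum(c / n * math.log2(n / c) for c in Counter(buf).values()) if n else 0.0

def inspect_jpeg(data: bytes) -> dict:
    tail = data[jpeg_end_offset(data):]
    kind = next((name for magic, name in MAGIC.items() if tail.startswith(magic)), None)
    return {"trailing_bytes": len(tail), "trailing_type": kind,
            "trailing_entropy": round(entropy(tail), 2)}

# Constructed sample: SOI, APP1 holding a tiny thumbnail, SOS + scan data, EOI.
CLEAN = (b"\xff\xd8" + b"\xff\xe1\x00\x06\xff\xd8\xff\xd9"
         + b"\xff\xda\x00\x08\x01\x01\x00\x00\x3f\x00" + b"\x12\xff\x00\x34\xff\xd0\x56\xff\xd9")
PAYLOAD = b"#!/bin/sh\necho constructed-sample\n"   # constructed, harmless
TAMPERED = CLEAN + PAYLOAD
```

Searching for the first `FF D9` instead of walking the segments would stop inside the embedded thumbnail and misreport the rest of a legitimate image as trailing data.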

Minimal damage

Once installed, the malware could deploy and change the default search engine of the Mac's web browser. The damage caused by the OSX/MacOffers malware was not that great, but if it was able to find its way into Apple's operating system undetected, others may repeat the feat, and next time the consequences could be more serious. In this case, Apple learned of its error and removed the malware's certificate.

We can still hope that Apple will strengthen its automated process for validating software on macOS to prevent other malware from reaching the Mac.
