Although it is a very rare sight to see Apple becoming careless with malware but such a case has recently occurred as Apple accidentally approved a common malware that came connected with the update of Adobe Flash Player for macOS.
As first reported by security researcher Patrick Wardle, Apple gave a go-ahead to the app that was using a specific code based on well-known malware called Shalyer. For those of you who don’t know, Shlayer serves to be a trojan downloader and it spreads with the help of fake applications and as a result users are bombarded with an influx of adware. In fact, in 2019, cybersecurity and anti-virus firm Kaspersky also declared Shlayer as the most common threat to Macs too.
Furthermore, along with giving this important piece of information, Wardle also told that this is the first time that Apple has mistakenly authorized malware ever since the debut of their new notarization process for Mac in 2019. The process included every app to be first reviewed by Apple and then even signed by a senior developer before it could run on macOS. The notarization policies currently are also implemented for apps that have their distribution set outside the Mac App Store.
Nevertheless, things turned out to be good when Wardle contacted Apple and informed them about the malware, the company disabled the associated developer account in a matter of few hours and also revoked its certification.
On the other hand, it is also reported that the attackers have managed to notarize the malware again but for now we will have to go by Apple’s words as the company has told a media outlet that they have the notarization revoked for both new and old malware.
Read next: Apple Officially Launches Its App Store Appeals Process, Developers Can Now Challenge App Store Rules
As first reported by security researcher Patrick Wardle, Apple gave a go-ahead to the app that was using a specific code based on well-known malware called Shalyer. For those of you who don’t know, Shlayer serves to be a trojan downloader and it spreads with the help of fake applications and as a result users are bombarded with an influx of adware. In fact, in 2019, cybersecurity and anti-virus firm Kaspersky also declared Shlayer as the most common threat to Macs too.
Furthermore, along with giving this important piece of information, Wardle also told that this is the first time that Apple has mistakenly authorized malware ever since the debut of their new notarization process for Mac in 2019. The process included every app to be first reviewed by Apple and then even signed by a senior developer before it could run on macOS. The notarization policies currently are also implemented for apps that have their distribution set outside the Mac App Store.
Nevertheless, things turned out to be good when Wardle contacted Apple and informed them about the malware, the company disabled the associated developer account in a matter of few hours and also revoked its certification.
On the other hand, it is also reported that the attackers have managed to notarize the malware again but for now we will have to go by Apple’s words as the company has told a media outlet that they have the notarization revoked for both new and old malware.
Read next: Apple Officially Launches Its App Store Appeals Process, Developers Can Now Challenge App Store Rules
