It’s not too long ago that Apple said that their Macs aren’t susceptible to the malware and viruses plaguing Windows. They also said that it’s thanks to built-in defences in Mac OS X that keep you safe without any work on your part.
However, the “truth” is that due to inherent cross-platform incompatibilities and not Apple’s “defences”, a native Windows virus cannot directly execute on macOS.
Unfortunately, even this claim is rather subjective. Back in 2012, thanks to Java, cross-platform malware could be found targeting both Windows and macOS.
Today, malicious code targeting macOS is far too common.
Apple Accidentally Approves Adobe Malware
According to security researcher Patrick Wardle, Apple approved an app that contained code used by a well-known malware called Shlayer.
Shlayer is a trojan downloader that spreads through fake applications. It bombards users with an influx of adware. Even cybersecurity and anti-virus firm Kaspersky said in 2019 that it’s the “most common threat” to Macs.
Wardle says this is the first time he knows of that Apple mistakenly notarized malware following the debut of its new notarization process.
Apple announced the macOS notarizing process in 2019, requiring every app to be
- Reviewed by Apple
- Signed by a developer before it can run on macOS. This is even if they’re being distributed outside the Mac App Store.
After discovering this, Wardle contacted Apple and the company disabled the developer account. The attackers reportedly managed to notarize the malware again, but Apple told TechCrunch that both the old and new malware had their notarization revoked.