Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Sponsored By
Apple Signs Shlayer, Legitimizes MalwareApple Signs Shlayer, Legitimizes Malware
Shlayer, a common macOS Trojan, received Apple's notary certification and place in the App Store -- twice.
Dark Reading Staff
September 2, 2020
1 Min Read
Shlayer, a Trojan that infects up to one in 10 of all global MacOS systems, received a huge leg up in its infection campaign when Apple blessed an infected application as "safe" and gave it a place in the App Store.
Peter Dantini, a college student, initially discovered the signed software through a mistake in typing the URL for "Homebrew," a macOS package manager.
Dantini contacted Patrick Wardle, principal security researcher at Jamf, who confirmed the find and notified Apple on Aug. 28. Apple revoked the application's certificate the same day, but Wardle found Shlayer signed with a different Apple Developer ID on Aug. 30 and once again notified Apple.
Apple's "walled garden" has developed a reputation for keeping users safe from malicious applications. While the system has historically worked well, any application that slips through the system's defenses can quickly spread since relatively few macOS users see the need for anti-malware software.
About the Author(s)
You May Also Like
More Insights
Webinars
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication Methods
Oct 26, 2023Modern Supply Chain Security: Integrated, Interconnected, and Context-Driven
Nov 06, 2023How to Combat the Latest Cloud Security Threats
Nov 06, 2023Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and Phishing
Nov 01, 2023SecOps & DevSecOps in the Cloud
Nov 06, 2023
Events
