Apple Signs Shlayer, Legitimizes MalwareApple Signs Shlayer, Legitimizes Malware
Shlayer, a common macOS Trojan, received Apple's notary certification and place in the App Store -- twice.
September 2, 2020
Shlayer, a Trojan that infects up to one in 10 of all global MacOS systems, received a huge leg up in its infection campaign when Apple blessed an infected application as "safe" and gave it a place in the App Store.
Peter Dantini, a college student, initially discovered the signed software through a mistake in typing the URL for "Homebrew," a macOS package manager.
Dantini contacted Patrick Wardle, principal security researcher at Jamf, who confirmed the find and notified Apple on Aug. 28. Apple revoked the application's certificate the same day, but Wardle found Shlayer signed with a different Apple Developer ID on Aug. 30 and once again notified Apple.
Apple's "walled garden" has developed a reputation for keeping users safe from malicious applications. While the system has historically worked well, any application that slips through the system's defenses can quickly spread since relatively few macOS users see the need for anti-malware software.
About the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
Passwords Are Passe: Next Gen Authentication Addresses Today's Threats
What Ransomware Groups Look for in Enterprise Victims
How to Use Threat Intelligence to Mitigate Third-Party Risk
Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware
Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks
9 Traits You Need to Succeed as a Cybersecurity Leader
The Ultimate Guide to the CISSP
AI in Cybersecurity: Using artificial intelligence to mitigate emerging security risks
The Evolving Ransomware Threat: What Business Leaders Should Know About Data Leakage
Managed Security and the 3rd Party Cyber Risk Opportunity Whitepaper