Hackers deceive Apple with Shlayer applications

The creators of the malicious software of Mac Shlayer applications, managed to gain access through payloads to Apple.

From February 2020, all Mac software distributed outside the Mac App Store must be Apple-signed in order to run on MacOS Catalina or later.

The signing process requires developers to submit the software they created for the macOS platform for scanning through Apple's service, an automated system designed to scan software for both malware and code signing issues.

If they pass this automated check , οι εφαρμογές γίνονται αποδεκτές από το macOS Gatekeeper, μια δυνατότητα ασφαλείας του macOS που ελέγχει εάν οι ληφθείσες εφαρμογές έχουν ελεγχθεί για κακόβουλο , in order to execute them in the system.

According to Apple, if there is ever a problem with an application, the company immediately stops the new installation and in addition is able to prevent the application from starting.

Apple's signature process failed

Although the company says that the software signed for macOS is designed to give the more security, as discovered by Peter Dantini last week, Apple was tricked by the Shlayer malware.

He found that adware Shlayer is distributed through a fake and malicious page and could be run on any Mac device running macOS Catalina without automatically blocking it.
This is the reason why adware managed to load the payload on its victims.

https://twitter.com/PokeCaptain/status/1300440938301607939

After Wardle reported the malware samples to Apple, the company reacted immediately and revoked the certificates (meaning they will be automatically stopped by Gatekeeper) on the same day, August 28th.

Although some Mac users believe that the malware only targets the and that Mac devices are safe, Shlayer attacks 10% of all Mac devices, according to a Kaspersky report released in January 2020.

Shlayer was first spotted by Intego's research team, and was distributed in February 2018, disguised as a fake Adobe Flash Player installer like many other malware campaigns targeting the macOS platform.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.087 registrants.

apple

Written by Anastasis Vasileiadis

Translations are like women. When they are beautiful they are not faithful and when they are faithful they are not beautiful.

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).