Apple Signs Shlayer, Legitimizes Malware

  /     /     /  
Publicated : 23/11/2024   Category : security


Apple Signs Shlayer, Legitimizes Malware


Shlayer, a common macOS Trojan, received Apples notary certification and place in the App Store -- twice.



Shlayer, a Trojan that infects up to one in 10 of all global MacOS systems, received a huge leg up in its infection campaign when Apple blessed an infected application as safe and gave it a place in the App Store.
Peter Dantini, a college student, initially discovered the signed software through a mistake in typing the URL for Homebrew, a macOS package manager.
Dantini contacted Patrick Wardle, principal security researcher at Jamf, who confirmed the find and notified Apple on Aug. 28. Apple revoked the applications certificate the same day, but Wardle found Shlayer signed with a different Apple Developer ID on Aug. 30 and once again notified Apple.
Apples walled garden has developed a reputation for keeping users safe from malicious applications. While the system has historically worked well, any application that slips through the systems defenses can quickly spread since relatively few macOS users see the need for anti-malware software.
Read more 
here
and
here
.

Last News

▸ Researchers create BlackForest to gather, link threat data. ◂
Discovered: 23/12/2024
Category: security

▸ Travel agency fined £150,000 for breaking Data Protection Act. ◂
Discovered: 23/12/2024
Category: security

▸ 7 arrested, 3 more charged in StubHub cyber fraud ring. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Apple Signs Shlayer, Legitimizes Malware