Friday, October 30, 2020

More Notarized Mac Malware

Joshua Long (via Catalin Cimpanu, tweet, Patrick Wardle):

For the second time in six weeks, Apple has been caught notarizing Mac malware.

Intego previously reported that Apple inadvertently notarized more than 40 malware samples in August.

This time, rather than the notarized malware belonging to the OSX/Shlayer and OSX/Bundlore families, the latest malware is from the OSX/MacOffers (aka MaxOfferDeal) family.


The new malware uses a technique called steganography to hide its malicious payload within a separate JPEG image file, which is likely why the malware was able to slip past Apple’s notarization process.

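One thing a practitioner can actually check for here: Intego's write-up does not say how the payload was embedded, but the simplest "hide it in a JPEG" trick is to append the real code after the image's EOI marker, where image viewers ignore it and a signature/notarization check that only looks at executables never sees it. The following is an added example (my code, not Intego's or Apple's) that walks the JPEG segment structure to find the genuine end of image and reports whatever trails it, flagging a Mach-O or fat-binary magic number. It walks segment lengths rather than searching for `FF D9`, because EXIF thumbnails carry their own nested SOI/EOI. The sample input is constructed inline; if the malware used pixel-level steganography instead, this check would not catch it.

```python
import struct

SOI, EOI, SOS = 0xD8, 0xD9, 0xDA
# TEM (0x01) and RST0-RST7 (0xD0-0xD7) are standalone markers with no length field
STANDALONE = {0x01} | set(range(0xD0, 0xD8))

# Mach-O and fat-binary magic numbers as they appear on disk (both byte orders)
MACHO_MAGICS = (
    b"\xfe\xed\xfa\xce", b"\xce\xfa\xed\xfe",  # MH_MAGIC / MH_CIGAM
    b"\xfe\xed\xfa\xcf", b"\xcf\xfa\xed\xfe",  # MH_MAGIC_64 / MH_CIGAM_64
    b"\xca\xfe\xba\xbe", b"\xbe\xba\xfe\xca",  # FAT_MAGIC / FAT_CIGAM
)


def jpeg_image_end(data: bytes) -> int:
    """Return the offset just past the genuine EOI marker, or -1 if not a well-formed JPEG.

    Segments are walked by their length fields rather than by searching for FF D9,
    because APP segments (e.g. an EXIF thumbnail) legitimately contain a nested SOI/EOI.
    """
    if data[:2] != b"\xff\xd8":
        return -1
    pos = 2
    while pos + 2 <= len(data):
        if data[pos] != 0xFF:
            return -1
        marker = data[pos + 1]
        if marker == 0xFF:          # fill byte preceding a marker
            pos += 1
            continue
        if marker == EOI:
            return pos + 2
        if marker in STANDALONE:
            pos += 2
            continue
        if pos + 4 > len(data):
            return -1
        (seglen,) = struct.unpack(">H", data[pos + 2:pos + 4])
        pos += 2 + seglen
        if marker != SOS:
            continue
        # Entropy-coded data follows the SOS header. Inside it 0xFF is byte-stuffed as FF 00
        # and FF D0..D7 are restart markers, so the next FF followed by anything else is a marker.
        while True:
            idx = data.find(b"\xff", pos)
            if idx < 0 or idx + 1 >= len(data):
                return -1
            nxt = data[idx + 1]
            if nxt == 0x00 or 0xD0 <= nxt <= 0xD7:
                pos = idx + 2
            elif nxt == 0xFF:
                pos = idx + 1
            else:
                pos = idx
                break
    return -1


def trailing_payload(data: bytes) -> bytes:
    """Bytes after the image proper; empty means nothing is appended (or the file is malformed)."""
    end = jpeg_image_end(data)
    return data[end:] if end >= 0 else b""


def assess(data: bytes) -> dict:
    """Summarise what, if anything, rides along after the image."""
    tail = trailing_payload(data)
    return {
        "well_formed": jpeg_image_end(data) >= 0,
        "trailing_bytes": len(tail),
        "starts_with_macho_magic": tail[:4] in MACHO_MAGICS,
    }


def build_sample(payload: bytes) -> bytes:
    """Constructed test input (not a real sample): a minimal JPEG skeleton with an APP1
    segment carrying a nested SOI/EOI like an EXIF thumbnail, byte-stuffed scan data with a
    restart marker, the real EOI, and then `payload` appended."""
    thumb = b"\xff\xd8\xff\xd9"
    app1 = b"\xff\xe1" + struct.pack(">H", 2 + len(thumb)) + thumb
    sos_hdr = b"\x01\x01\x00\x00\x3f\x00"
    sos = b"\xff\xda" + struct.pack(">H", 2 + len(sos_hdr)) + sos_hdr
    scan = b"\x12\xff\x00\x34\xff\xd0\x56"
    return b"\xff\xd8" + app1 + sos + scan + b"\xff\xd9" + payload


if __name__ == "__main__":
    # A 64-bit little-endian Mach-O header starts with CF FA ED FE on disk
    print(assess(build_sample(b"\xcf\xfa\xed\xfe" + b"\x07\x00\x00\x01")))
    print(assess(build_sample(b"")))
```

On the constructed sample a naive `data.find(b"\xff\xd9")` stops at the thumbnail's EOI inside APP1 and would report the rest of the real image as "payload"; walking the segments avoids that false positive. Run over an app bundle's resource directory, a non-zero `trailing_bytes` on an image is worth a look even when the magic check is negative, since a payload may be compressed or encrypted.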

Update (2021-06-05): ConfiantIntel (via Patrick Wardle):

@lordx64 found yet another @Apple notarized App, this time it is a backdoored Electrum Wallet

How very unsurprising.

