Making Cyber Simple. Really.

Over the years, Apple products have been touted as more secure than Microsoft Windows. While Apple does have strong security, a big reason for this perception in the marketplace is that Microsoft Windows is more widely used in companies and organizations. Recently, however, malware targeting macOS has been growing despite Apple’s efforts to mitigate attacks.

To protect its software and its users’ information, Apple uses a process called notarization, a review system separate from App Review that scans software for malicious content and code-signing issues. Hackers and cyber criminals are now finding ways to bypass this process by creating new and improved adware to “outsmart” Apple’s efforts.

Hackers are creating malware that tricks the notarization process into granting Apple’s approval and that can run on the Catalina and Big Sur versions of macOS. When interviewed, Patrick Wardle, a security researcher, stated, “as far as I know, this is the first time hackers have been able to abuse Apple’s new notarization.”

On the surface, adware doesn’t seem to be as dangerous as malware, but it can cause more problems than most people realize. Another security researcher, Thomas Reed, recently wrote that “they can intercept and decrypt all network traffic, create hidden users with static passwords, make insecure changes to system settings, and generally dig their roots deep into the system so that it is incredibly challenging to eradicate completely.”

One of the bigger pieces of malware in question is OSX.Shlayer. It was able to get notarized by Apple and is the most prevalent malware infecting macOS systems. The goal of OSX.Shlayer is to continuously download and install adware on users’ systems.

Once Apple was made aware of the findings, it quickly removed OSX.Shlayer’s certificates and rescinded the malware’s notarization status. The ongoing problem is that this malware was able to get through the notarization process to begin with, meaning that others can break through as well.

Hackers and cyber criminals will continue to evolve their methods despite efforts from Apple and others to stay ahead of the curve, so it is important that you always check what you download, make sure it’s from a trusted vendor, and only install the apps and programs that you need.

INSUREtrust (d/b/a ITDC Insurance Services) is a national insurance wholesaler simplifying insurance for emerging risks. For over 22 years, INSUREtrust has focused on emerging risks related to Cyber Liability, Technology Errors & Omissions issues, and Miscellaneous Professional Liability (MPL).
