Apple Security Fails to Detect Mac Malware, Allows Installation on Systems

For the second time in a few weeks, Apple has waved malware targeting Mac systems through its automated “authentication” process. The company evidently has persistent problems with the system that is supposed to provide security.

Malware slips through Apple's net again

The unwelcome find in the app library for OSX devices is again credited to the security researchers at Intego, who reported on similar malware six weeks ago. According to their write-up, the newly discovered malware belongs to the OSX/MacOffers family (alias MaxOfferDeal) and was found “in the wild” while they were investigating cracked Mac software. The malicious code was camouflaged with steganography, a technique that allows a malicious payload to be hidden in a separate JPEG image file; this is probably also how Apple’s authentication process was outwitted.

With a detection rate of 0 percent on Google’s VirusTotal meta virus scanner after the malware was first uploaded between October 6th and 13th, the creators have clearly demonstrated their skill at circumventing protective measures. Like almost all currently widespread Mac malware, the latest OSX/MacOffers variant disguises itself rather clumsily as an Adobe Flash Player installer and aims to manipulate searches in the browser. “In 2020 nobody should believe a website that asks for downloading or updating Flash,” the security experts add once again. As so often, the makers of the malware are clearly targeting somewhat inexperienced users.

Remains a problem

Apple was made aware of the malware and revoked its developer certificate on October 12th. Further infections with the software discovered by the security researchers are thus almost impossible, but according to the security experts the automated authentication process remains a problem, because it is easy for the people behind the malware to get a new developer ID from Apple.