Apple, despite its best intentions to keep macOS and its surrounding ecosystem safe, sometimes slips up. Last year Apple introduced “notarization” scans for apps and software that can run on Macs. Apps that are approved bypass Gatekeeper on the Mac; apps that aren’t can’t run.
TechCrunch reports that last year Apple approved software by accident, not realizing it was malware. Per the report:
Wardle (well-known Mac security researcher) confirmed that Apple had approved code used by the popular Shlayer malware, which security firm Kaspersky said is the “most common threat” that Macs faced in 2019. Shlayer is a kind of adware that intercepts encrypted web traffic — even from HTTPS-enabled sites — and replaces websites and search results with its own ads, making fraudulent ad money for the operators.
The software bypassed Apple’s notarization system, meaning the process did not detect malicious code in the software, even on the next version of macOS, Big Sur, which is still in beta. Wardle reached out to Apple to inform them of the malware. In a statement shared with TechCrunch, Apple says they removed the software and thanked the researchers for pointing it out.
“Malicious software constantly changes, and Apple’s notarization system helps us keep malware off the Mac and allow us to respond quickly when it’s discovered. Upon learning of this adware, we revoked the identified variant, disabled the developer account, and revoked the associated certificates. We thank the researchers for their assistance in keeping our users safe.”