Tech

Apple accidentally gave a malware app for macOS its stamp of approval

The company was tricked into notarizing an app that injects ads into the web browser. Twice.

Shutterstock

Apple accidentally "notarized" a malware application for macOS that, when installed, injects obnoxious and distracting ads into a user's web browser. Notarization is Apple's automated process of scanning new applications for malicious behavior and granting them a seal of approval if they're deemed safe. One notorious developer of adware was able to somehow slip past Apple's firewall and get notarized, however. It's great advertising for the developer... but not a great look for Apple.

macOS virus defenses — Unlike on iOS where users can only download vetted apps from the App Store — a subject of much consternation lately — on Macintosh desktops and laptops you can download apps from anywhere. But macOS has long had a reputation of being virus-free, and since Apple doesn't want to lose those bragging rights, it recently began automatically scanning apps and giving them a seal of approval so long as they aren't clearly malicious. The approval process takes minutes. Apple allows users to download apps from anywhere on the open web but discourages installing ones that aren't notarized by putting up extra steps to use them.

In this case, a particularly well-known adware application called Shlayer was able to get notarized even though it was apparently similar to past versions that Apple should be aware of. The company removed Shlayer's notarization after being alerted to it, but the developer was able to get it signed again by simply resubmitting it through a different developer account before getting pulled again.

You're probably fine — Despite this gaff, macOS is still pretty safe, and it's probably better to notarize than not, even though some malicious software can slip through. Adware developers are persistent because injecting advertisements onto millions of computers can lead to a big payoff, so they'll keep trying new ways to evade Apple's automated systems. But we've been living with an open macOS ecosystem for years and nobody's really complaining about rampant malware problems.

The problem on macOS could certainly get worse if shady developers see an opportunity, though. If you want to protect yourself, cybersecurity experts suggest that dedicated antivirus software would catch Shlayer even if Apple doesn't. You probably haven't ever thought about downloading antivirus software on your Mac, but a second line of defense couldn't hurt. Oh, and we shouldn't have to tell you this, but watch where you download apps from. Malware on the web certainly gives Apple a case for restricting downloads to the App Store, where vetting is much tighter, but based on its hamfisted treatment of developers there, nobody really wants that.