The notarized malware payloads were discovered in a recent MacOS adware campaign, disguised as Adobe Flash Player updates.

Apple accidentally approved one of the most popular Mac malware threats – OSX.Shlayer – as part of its security notarization process.

The Apple notary service is an automated system on recent macOS versions that scans software (ranging from macOS apps, kernel extensions, disk images and installer packages) for malicious content and checks for code-signing issues. Then, when a macOS user installs the software, Apple’s Gatekeeper security feature notifies them about whether any malicious code was detected before they open it.

Security researchers Peter Dantini and Patrick Wardle recently discovered that Apple inadvertently notarized malicious payloads that were utilized in a recent adware campaign.

#web security #adobe flash player #adware #adware campaign #apple #security