Tech News

Servants Using the ‘Enhanced’ Bug To Protect Old MacOS Security


It is a malware MacOS is rising, Apple has been busy in recent years with the addition of security features that make it even harder for malicious software to run on Macs. But the threat in the working system, exposed and mixed today, was exploited beyond all of them.

Security analyst Cedric Owens detected the virus in March while looking at ways to protect himself from macOS. Apple is Door of the door The machines require manufacturers to register with Apple and pay a fee for their software to run on Macs. And the company’s software awareness system encourages all software to be monitored. The error that Owens found was not in those systems but in macOS itself. The attackers can maneuver the system to detect the slightest movement in their area, even if it means that they will not be able to control it.

“With all the changes Apple has made in recent years I was amazed that this simple method worked,” Owens says, “which is why I said this to Apple and gave the world a chance for the invaders to use this method.

The defect resembles a front door that is locked and securely fastened, but with a cat door on the ground where you can easily drop the bomb. Apple mistakenly thought that the software should have a different concept. Owens realized that if he wrote a program that was just a script – a code that tells another program what to do instead of just doing it – and he did not include the corresponding metadata file called “info.plist,” he could quietly run the program on any Mac. The operating system cannot offer its main recommendation: “This is an online recording program. Are you sure you want to open it?”

Owens reported the virus to Apple and also shared his findings with long-time macOS security investigator Patrick Wardle, who thoroughly investigated why MacOS threw the ball.

“The precision machine says, ‘Wait a minute, this is offline, I’m going to separate this and make all my checks,'” Wardle says. First, macOS checks to see if the app has been identified, which it is not. But it follows to see if the program is a burden to apply; when it detects that there is no ‘info.plist’ file, macOS falters that it is not a program, ignores any evidence against it, and allows it to run smoothly for the user. “They just say ‘OK, okay’ and it can drive anything,” Wardle says. “That’s great!”

After gaining a better understanding of how the virus works, Wardle spoke with Apple Jamf’s weapons control company to see if the company Protect antivirus product has detected any malware associated with this. Instead, Jamf had sung the genre of Shlayer adware which was using the virus.

The Group Warning section on macOS, which was launched in 2012, encourages users to ask if they are sure they want to run downloaded apps outside the Mac App Store. Over the years, insurgents have been able to trick people into believing that they can actually spread malicious software. But Apple’s notarization requirements, which came into effect in February 2020, have made it increasingly difficult for malware software developers to compromise Macs. If a user tests software that is not specified, macOS will reject the software altogether. This represents a major problem for cybercriminals, in particular Merchants, who rely on the masses to make money.

The team that makes up Shlayer has been looking for challenges, and it has another deceptive success for Apple to identify their malware. A toilet that gives you the opportunity to completely ignore notarization notifications, however, would be especially useful if it comes with an unnecessary bonus to trick users into agreeing to run a malware program at all.


Source link

Related Articles

Leave a Reply

Back to top button