Apple accidentally approved malware as an Adobe Flash Player update on MacOS.
Security Researcher Patrick Wardle says that the company approved an app containing code used by common malware, Shlayer.
Cybersecurity and anti-virus firm Kaspersky noted that Shlayer happens to be the most common threat to Macs. It is a trojan downloader which spreads through fake apps and bombards users with several adware.
Apple’s new notarization process announced in 2019 requires that each app is reviewed by the company and signed off by a developer before users can run it on their MacOS.
The process also applies to apps distributed externally to the Mac App store. Wardle says that this was the first time that Apple had mistakenly approved a Malware.
Wardle notified Apple once he discovered the malware and the company disabled the app’s developer account and revoked its certification.
The attackers were not fazed and reportedly managed to notarize their malware a second time. However, Apple says that both the new and old malware had their notarization revoked.