A Chinese publisher has managed to deceive the vigilance of Apple, which has accepted malicious applications on the App Store for macOS.

Apple puts a lot of its communication on the security of the App Store, its application store, thus justifying more closed ecosystems than Android or Windows. But even the apple brand is not infallible and can overlook threats. This is according to a report by Alex Kleber, a cybersecurity researcher, who identified several malicious Chinese apps on the macOS App Store.

The investigation uncovered seven different Apple developer accounts, actually belonging to a single China-based publisher. Applications from this publisher contain hidden malware that can receive commands from a server. Thus, the malicious code can be active only once the application in question has been available on the App Store, and thus deceive Apple’s security systems.


Investigation report about the abuse of the Mac App store

apple, news, android

Using this technique, the developer can even change the interface of the application entirely. The app validated by Apple therefore bears no resemblance to the app that is ultimately downloaded and installed by users. To make it harder to trace them, all communication is with domains using services like Cloudflare and GoDaddy. Which allows them to hide their hosting provider.

One of the applications is a PDF reader that has got a countless times downloads on the App Store for macOS in the United States. Even making it one of the most installed apps. The app requires a paid subscription, while it offers the same features as any regular free PDF reader. Or even does not work at all.

To make believe that the app is legitimate and encourage users to download it. It is drowned in false positive comments, which hide the real opinions denouncing it. Since the report’s release, Apple has responded by removing many fake reviews of these apps. Some of them are no longer available in the App Store altogether.

Source/VIA :

Privacy1St

TECH NEWS RELATED

HBO Max's Harley Quinn Will Get A Valentine's Day Special For 2023

The wait for season 4 will be long, but Harley's got our backs with a Valentine's Day special coming much sooner.

View more: HBO Max's Harley Quinn Will Get A Valentine's Day Special For 2023

Boston Dynamics: please don't use our robots as weapons

The big picture: The leading companies in the robotics industry want to dissuade people of turning harmless machines into weapons with killing intents. General-purpose robots equipped with powerful firearms could spell doom for the very future of the industry, they say. A coalition of robotics companies led by Boston Dynamics ...

View more: Boston Dynamics: please don't use our robots as weapons

Everyone wants a tip now. Do you have to give them one?

Jenny Kivett went to see the band War on Drugs at Colorado’s storied Red Rocks Amphitheater last month. The show was great. Buying merch, less so: A vendor prompted her to kick in a 20 percent tip for an $80 purchase. Casey Schreiner wanted to cut down on plastic use, ...

View more: Everyone wants a tip now. Do you have to give them one?

How to watch Samsung Unpacked: Galaxy Fold 4, Flip 4, Watch 5 all unveiled

(Image: © Samsung) Samsung’s second big event of 2022 is now over, as the company took to the stage on August 2022 and announced a wide range of new devices, including the foldable Samsung Galaxy Z Fold 4 and Samsung Galaxy Z Flip 4. The company also unveiled the ...

View more: How to watch Samsung Unpacked: Galaxy Fold 4, Flip 4, Watch 5 all unveiled

How to watch today's Apple iPhone 14 launch event online

(Image: © Future / Lance Ulanoff) If you’re wondering how to watch today’s Apple Event, where the Cupertino company is expected to launch the iPhone 14 line, the Apple Watch 8, and likely numerous other new products, then we have you covered. The event kicks off today, September 7 ...

View more: How to watch today's Apple iPhone 14 launch event online

Shopify Improves its Platform to Promote Safer Shopping Experience, EU Announces

Shopify, a multinational e-commerce company, has agreed to implement adjustments to its platform related to shopper safety and the fight against fake products. Regulatory intervention in the European Union was prompted by a number of complaints, said the Commission in a statement released on Friday, Oct. 7. The Increasing Number of ...

View more: Shopify Improves its Platform to Promote Safer Shopping Experience, EU Announces

How to use Garmin Connect

(Image: © TechRadar) Garmin Connect is a platform that’s all about helping you stay in shape, giving you ways to make the most of your exercise or simply keep closer tabs on your health. Once you’ve paired it up with a compatible Garmin watch, you will open the door ...

View more: How to use Garmin Connect

OnePlus Nord Watch: release date, price, specs and features

Pixel Watch looks slim and sleek in recent unboxing leak

How to watch the Google Pixel 7 launch online live

Pixel Watch quoted as offering 24-hour battery life, based on new leak

New Pixel Watch leak reveals watch faces, strap styles and more

Samsung Galaxy Watch 4 Classic review

How to lock your bike securely: 10 things to check before you leave your bicycle behind

Are Fitbits waterproof? Your complete guide

How to Schedule Email in Outlook

Biden Data Privacy Order Triggers European Commission Review

NC Cops Bust Out Measuring Tapes To Stop The Carolina Squat

7 Best Compact SUVs of 2022 According to KBB

Nanoleaf Lights Can Now Synchronize With Your PC

OTHER TECH NEWS

Top Car News Car News