Statistics show that cybercrime has gone up by over 400% since the start of the pandemic. With shocking numbers like this, Apple has been putting up a solid fight to protect its users with top-of-the-range security tools. But recently, hackers found a vulnerability in the Mac operating system, allowing them to bypass all security systems.
Even Mac’s Gatekeeper, which checks developer ID signatures to notarize apps and plugins, didn’t notice the malware. Usually, it displays a warning on any apps or plugins after scanning them and deeming them suspicious. But not this time.
While looking for loopholes in mid-March, a security researcher named Cedric Owens managed to uncover a vulnerability in macOS that could pose a severe risk to the system.
The malware came in the form of an app with a simple code, without the metadata, “info.plist.” It works by telling programs what to do rather than performing the actions themselves. That way, it looks like a harmless file, making it easy to launch without detection.
Once it bypassed security, it displayed a prompt with this message, “This is an application downloaded from the Internet. Are you sure you want to open it?”
All the user needs to do is double-tap.
The good news is that Owens immediately reported his findings to Apple, and it completely sealed the vulnerability on April 24th, 2021. The company also updated XProtect that notifies users of any other program that will attempt to exploit the flaw again.
You can also put an extra layer of protection by using Intego, antivirus software that runs in real-time and protects you from malware. And the best thing is that it doesn’t compromise your device’s performance.