No matter how secure you are, you can still be breached. This statement is a reminder that we should never let our guard down, even in the best of times.
macOS, considered one of the most secure operating systems in the world, has been breached. Hackers have taken advantage of a bug, using what has been dubbed macOS malware, that lets them sneak past its safeguards. By the time the bug was discovered and the vulnerability was patched, the hackers had already spread the malware.
Apple has been adding layer upon layer to its protections, making it difficult for hostile software to enter the system. This new bug in the operating system, which was publicly disclosed recently and bypasses security by exploiting gaps in those protections, has given Apple a headache.
This bug was discovered by Cedric Owens, a security researcher, in mid-March. Owens was going through the defenses of macOS when he found it. Apple's mechanism asks developers to pay a fee to run their software on Apple products, and the same applies to macOS. On top of this, notarization requires all applications to go through a screening process. The bug tricks macOS into letting applications through without passing these security checks. This implies that the bug does not attack the safety mechanism but the operating system itself. Taking advantage of this bug is easier than attacking the security mechanism.
Owens said, “It is surprising that with so much of the security mechanism in Apple, such a simple technique was able to attack the OS.” “Therefore, I immediately reported to the Apple Gatekeeper as this bug can be abused in multiple ways,” Owens further said.
After getting the reports from Owens, macOS security researcher Patrick Wardle conducted a deeper analysis of the bug and looked into how it happened. “This is the worst mistake we could have committed and needs to be resolved as quickly as possible,” Patrick said.
After understanding what the bug does and how it works, Patrick approached Jamf, an Apple device management firm, to check whether its antivirus had flagged any malware fitting the criteria on which the bug works. Interestingly, the firm had flagged one piece of malware that was actively exploiting the bug.
In the end, the researchers stress that the bug was simple but was the consequence of an engineering error, which can happen. Most importantly, it shows how fragile even the most advanced anti-malware protection is. But mistakes like this will push people toward rigorous audits of that protection.