According to a new report from security researcher Alex Kleber (opens in new tab) (Privacy 1st), seven different Apple developer accounts, which are all managed by the same Chinese developer, have been secretly distributing malware via the Mac App Store. While the malware inside these apps isn’t active at first, once installed on a user’s device, they receive commands from a command and control (C&C) server that enables the malware. This allows the apps to bypass Apple’s security checks and remain on the Mac App Store. Interestingly enough, the developer of these malicious programs is able to alter their user interface (UI) remotely. As such, Apple’s review team sees a completely different UI when inspecting them according to TECHSPOT (opens in new tab).
Uninstall these programs now
Below you’ll find a list of all of the malicious Mac apps in question along with their developers. Although some of them have already been removed from the Mac App Store by Apple, they can still be dangerous if left installed on your devices which is why you should delete them immediately.
PDF Reader for Adobe PDF Files - Sunnet Technology IncWord Writer Pro - TeamIdentifierScreen Recorder - TeamIdentifierWebcam Expert - TeamIdentifierStreaming Browser Video player - TeamIdentifierPDF Editor for Adobe Files - TeamIdentifierPDF Reader - TeamIdentifier
Fake reviews and multiple copies of the same app
Kleber first realized that all of these malicious apps were actually created by the same developer when he discovered that they all use the same password to decrypt a JSON file they use to fool Apple’s review team. At the same time, these apps also use fake reviews with perfect five star ratings to quickly climb the charts of the Mac App Store. However, upon further inspection, it’s clear that these reviews are fake as the same writing style and language are used across multiple reviews. In order to reach even more users, the developer of these malicious programs also created multiple copies of the same application. While not all of these apps have gained popularity on the Mac App Store, one in particular, ‘PDF Reader for Adobe PDF Files” rose to the top of the most downloaded applications on Apple’s store in the U.S.
Staying safe from malicious apps
Any application you download and install on one of the best MacBooks or other Apple devices has the potential to be malicious. Even with the iPhone maker’s stringent security, bad apps manage to slip through the cracks from time to time. This is why you should always carefully examine the rating of any app you want to install as well as take a look at its reviews. Although an app has a high rating and loads of positive reviews, they could be fake, so look for similar language, poor grammar and other signs that an app’s reviews may not be genuine. Additionally, you should install one of the best Mac antivirus software solutions on your devices as they can help keep you safe from malware and other threats if you do happen to install a malicious program. Next: Apple’s VR headset was just tipped for a January launch (opens in new tab) — and it could cost $2,000.
