Apple Accidentally Approved Malware to Run on MacOS
Found on Wired on Monday, 31 August 2020
Even software distributed outside of the Mac App Store now needs notarization, or users wouldn't be able to run them without special workarounds. Seven months later, though, researchers have found an active adware campaign attacking Mac users with the same old payloads—and the malware has been fully notarized by Apple.
As with any trust-based system, notarization can help Apple keep security pretty tight, but anything that does sneak past can then spread quickly because it has the company's imprimatur. This is already a problem in both Apple's iOS App Store and Google's Play Store for vetted Android apps. Malicious apps often slip in and then get downloaded by unsuspecting users.
That's what you get for making users believe that walled gardens are by default secure.