A new variant of the MacSync Stealer uses a code-signed Swift application to get around Apple’s macOS Gatekeeper protections.
The malware gets around Gatekeeper by being a notarized app
Gatekeeper on macOS does a pretty good job at fending off malware and other harmful software that could steal a user’s data. While attackers come up with various techniques to trick the user into bypassing Gatekeeper, a new delivery method simplifies the attack process considerably.
Researchers at Jamf Threat Labs posted about a new variant of MacSync Stealer on Tuesday that uses a different method to attack macOS. A method that manages to take advantage of the notarization system Apple employs.
Continue Reading on AppleInsider | Discuss on our Forums