Researchers: Malicious software newly developed by North Korean hackers can evade Apple's notarization and break into macOS systems
On November 13, it was reported that North Korean hackers appear to have developed malicious software capable of evading Apple's security checks. Researchers at Jamf Threat Labs, which focuses on Apple, said the apps appear to be experimental. This is the first time they have seen this technique being used to hack into Apple's macOS operating system, but it will not run on the latest systems.
The researchers found that Microsoft's VirusTotal online scanning service reported the apps as harmless when they were in fact malicious. Variants of the apps were written in Go and Python, using Google's Flutter, an open-source app-building toolkit that can be used to create multi-platform apps.
Five of the six malicious apps had developer account signatures and were provisionally notarized by Apple. "The domain names and techniques in the malicious software are very similar to those used in other malicious software by North Korean hackers, and there are indications that the malicious software was signed or even temporarily passed Apple's notarization process," the researchers wrote.