A new piece of backdoor malware originally discovered on Windows has found a new home in macOS. Disguising itself as a legitimate Adobe Flash Player installer, the malware burrows into pre-existing macOS folders making it harder to spot. Having used a valid developer’s certificate, the malware was set to run free on macOS even with Gatekeeper enabled.
These certificates were created to help validate applications with Gatekeeper, but lately have been used to spread malicious software. This is the second reported malware incident in the past week using a valid certificate.
more…
