Yet another strain of malware targeted at Mac users has popped up this week to prove you shouldn’t disable the Gatekeeper feature baked into OS X. “OSX/Keydnap” disguises itself as an innocent text or image file, then installs malicious code onto your Mac.
Apple’s Gatekeeper feature was designed to keep even the most advanced users from accidentally installing malicious software on their computers, but a super-simple exploit lets hackers sneak malware onto your Mac.
The exploit was discovered by Patrick Wardle, director of research at security firm Synack. Wardle found that the exploit is made possible thanks to a key design shortcoming in Gatekeeper that lets an attacker use a binary file already trusted by Apple to execute malicious files.
A new Mac malware has been found in the wild that allowed attackers to steal data and install unauthorized apps on a compromised machine. What makes this malware different than other recent Mac malware, though, is that it breezes right past Gatekeeper… and the people behind it might have been gunning for the life of their malware victim.
One way your Mac makes sure you’re (relatively) safe from rogue apps is what’s called Gatekeeper. By default, this bit of software only allows you to install verified apps from the Mac App Store on your Mac. What if, however, you want to download software from a Mac developer who doesn’t distribute their software on the Mac App Store? You’ll need to bypass Gatekeeper in order to do so.