7 Chinese malware apps that hide in the Mac App Store

 


Although Apple often boasts about the security of its platforms, including the Mac App Store, malware can still lurk on the platform.

Security researcher Alex Kleber found that seven different Apple developer accounts were managed by the same Chinese developer. According to Kleber, the developer's applications tricked the Mac App Store in several ways, including by hiding malware in them.


According to Kleber, this malware can communicate with its command-and-control servers, which allows it to hide from Apple's malware scans. Once the scan is done, the malware is downloaded and infiltrates the application.


In some cases, Apple's application review team even found significant differences in the application, including a completely different interface, as quoted by Techspot on Tuesday (9/8/2022).



Not only that, the apps also use the popular services Cloudflare and GoDaddy to hide their hosting provider. They even use a free Google site to display their privacy policy pages.


What is clear, however, is that each of these applications uses the same password to decrypt the JSON file used to trick Apple's application review team, which shows that the applications were made by the same developer.


To appear legitimate, the developer also takes advantage of fake review sales services to make the applications on the App Store look genuine and problem-free.


This developer also published a number of identical applications to increase their spread. Some of the malware-infected applications are quite popular, including PDF Reader for Adobe PDF Files, which has a fairly large number of downloads.


Here are the applications that were infiltrated by malware on the Mac App Store:


PDF Reader for Adobe PDF Files by Sunnet Technology

Word Writer Pro by Netozo Limited

Screen Recorder by Safeharbor Technology

Webcam Expert by Wildfire Technology

Streaming Browser Video Player by Boulevard Technology

PDF Editor for Adobe Files by Polarnet Limited

PDF Reader by Xu Lu

Fortunately, Apple has now removed some of these apps from the Mac App Store, along with their fake reviews.
