MacOS Gatekeeper vulnerability makes it possible to install malware
Security researcher Filippo Cavallarin has identified a flaw in the MacOS Gatekeeper authentication system that can enable the delivery of a malicious software package that can ultimately take control of the system if properly exploited.
As the Apple describes in the official support page, Gatekeeper is the function that has been present in Apple's operating system since 2012 with the aim of keeping the scheme secure from malware by screening downloaded applications: those from the App store and identified developers are opened without issues, those not acknowledged need customer confirmation.
However, screening does not occur if an app is transmitted from a local storage device that has been enabled via automount (another fundamental feature of macOS). By misleading Gatekeeper to believe that a downloaded file originated from a local drive, Cavallarin could bypass the verification protocols. Last February, the safety investigator approached Apple to notify the issue, but he chose on May 24th to make the discovery public after receiving no reply.
Apparently the vulnerability was exploited by the safety business Intego to distribute a malware. This is the package OSX / Linker that enables you to take complete control of the targeted machine. The OSX / Linker code has been downloaded to VirusTotal four times, a repository used by scientists to share and acknowledge instances of malware: it is a relatively small event, and the fact that Intego has already recognized the malware makes it likely that other antivirus instruments can also identify it.
However, at this stage, avoiding OSX / Linker malware should be relatively simple, particularly if you prevent downloading content from unreliable sources. Another countermeasure-before an official patch-may be to disable the car, with the flip side of having to activate (mount) internal drives manually whenever used.