These Mac apps are secretly spreading malware — delete them now

MacBook Pro 16-inch 2021 sitting on a patio table
(Image credit: Future)

Although Apple devices are often thought of as being safer than PCs running Windows, they can become infected with malware after accidentally installing a malicious app.

According to a new report from security researcher Alex Kleber (Privacy 1st), seven different Apple developer accounts, which are all managed by the same Chinese developer, have been secretly distributing malware via the Mac App Store.

While the malware inside these apps isn’t active at first, once installed on a user’s device, they receive commands from a command and control (C&C) server that enables the malware. This allows the apps to bypass Apple’s security checks and remain on the Mac App Store.

Interestingly enough, the developer of these malicious programs is able to alter their user interface (UI) remotely. As such, Apple’s review team sees a completely different UI when inspecting them according to TECHSPOT.

Uninstall these programs now

Below you’ll find a list of all of the malicious Mac apps in question along with their developers. Although some of them have already been removed from the Mac App Store by Apple, they can still be dangerous if left installed on your devices which is why you should delete them immediately.

  • PDF Reader for Adobe PDF Files - Sunnet Technology Inc
  • Word Writer Pro - TeamIdentifier
  • Screen Recorder - TeamIdentifier
  • Webcam Expert - TeamIdentifier
  • Streaming Browser Video player - TeamIdentifier
  • PDF Editor for Adobe Files - TeamIdentifier
  • PDF Reader - TeamIdentifier

Fake reviews and multiple copies of the same app

Kleber first realized that all of these malicious apps were actually created by the same developer when he discovered that they all use the same password to decrypt a JSON file they use to fool Apple’s review team.

At the same time, these apps also use fake reviews with perfect five star ratings to quickly climb the charts of the Mac App Store. However, upon further inspection, it’s clear that these reviews are fake as the same writing style and language are used across multiple reviews.

In order to reach even more users, the developer of these malicious programs also created multiple copies of the same application. 

While not all of these apps have gained popularity on the Mac App Store, one in particular, ‘PDF Reader for Adobe PDF Files” rose to the top of the most downloaded applications on Apple’s store in the U.S.

Staying safe from malicious apps

Woman using smartphone and laptop

(Image credit: Shutterstock)

Any application you download and install on one of the best MacBooks or other Apple devices has the potential to be malicious. Even with the iPhone maker’s stringent security, bad apps manage to slip through the cracks from time to time.

This is why you should always carefully examine the rating of any app you want to install as well as take a look at its reviews. Although an app has a high rating and loads of positive reviews, they could be fake, so look for similar language, poor grammar and other signs that an app’s reviews may not be genuine.

Additionally, you should install one of the best Mac antivirus software solutions on your devices as they can help keep you safe from malware and other threats if you do happen to install a malicious program.

Next: Apple's VR headset was just tipped for a January launch — and it could cost $2,000. 

Anthony Spadafora
Senior Editor Security and Networking

Anthony Spadafora is the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to password managers and the best way to cover your whole home or business with Wi-Fi. Before joining the team, he wrote for ITProPortal while living in Korea and later for TechRadar Pro after moving back to the US. Based in Houston, Texas, when he’s not writing Anthony can be found tinkering with PCs and game consoles, managing cables and upgrading his smart home.