Installing applications on a device Mac It’s generally safer to do this on Windows, open source software is usually benign but there are exceptions to each of these assumptions that can cause immeasurable damage to your privacy and security.
A recent discovery from Trend Micro provides a striking example of this risk, and an open-source app designed to help Mac owners sign iPhone and iPad apps has been modified to include a nasty hack that steals your Apple keychain data.
The original app is called ResignTool and is available for free on the popular open source site GitHub. The app is six years old and both the code and the ready-to-run app can be downloaded from GitHub and that’s not the problem, according to digitartend.
The problem stems from how easy it is to access the code, make changes and upload it elsewhere as if it were the app itself, and the hacker has to do some work to present their malware under the guise of a real app program .
And if you mistakenly download the malware version of an open source app, you could hand over the keys to your Apple realm because your Mac automatically syncs the passwords you’ve stored on your iPhone and iPad into Keychain, and every app and website login can be stolen. , including passwords for financial applications and banking websites.
A common-sense solution to mitigate these concerns is that you should enable two-factor authentication on critically important apps and websites If possible, download apps from the Mac App Store that have been tested to be safe If you download from a website, make sure you know and trust the source You may also want to see if your Mac can benefit from virus protection.
