Mac’s Background Task Manager Gives Users A False Sense Of Protection Against Malware, Top Security Researcher Confirms

Apple's macOS has been known for providing a secure experience for users, thanks to its long list of tools that are built into the system. This includes the Background Task Manager which was an integral part of the device’s defense mechanism.

But now, new reports from a leading security researcher are shedding light on how it can be bypassed with ease. Moreover, the researcher has even gone on to speak about how tech giant Apple did not act upon the recommendations that were put out by him, nor bother to make any changes to fix it either.

The researcher who goes by the name of Patrick Wardle made his findings public at a hacker conference recently, which was definitely bizarre. After all, the right protocol should have been linked to giving tech giant Apple the heads-up before anyone else, right?

For those who are still wondering what sort of protection Apple has in place in terms of security and protection, well, it’s actually a three-layer system that provides security against various malware.

For starters, it stops any malware from being installed by vetting all the apps found in the App Store. It then makes use of Gatekeeper to make sure all the others receive approval from known developers.

Second, whenever the malware is seen going through such a layer, we see it make use of XProtect to familiarize the malware and prevent it from functioning across the system. Next up, the macOS entails antivirus technology that’s built inside the system and goes by the name of XProtect that deletes the malware and detects all those that are based on signatures through a tool called YARA.

All malware is detected and blocked through the XProtect software. And last but not least, in cases when malware is run, the company would work to prevent that from happening again.

Just last year, the Cupertino firm was seen introducing another Background Task manager that is designed to search for highly dangerous malware and any apps that serve this purpose.

But what is the Background Task Manager that we hear about so frequently? Well, it’s reserved to handle the most dangerous kinds of malware against Mac. Such malware can monitor a user’s activity while installing some more components via the attacker’s server, amongst many other hazardous activities.

Now the company tries its level best to detect such behavior by searching for more installations of these tasks and putting out alerts to users as well as third parties who run tools on the Mac System. And since a lot of apps produce persistent tasks, you should not be worried about downloading new platforms through the App Store as you’d get an alert. However, in the case that an alert of this kind comes out of the blue, it’s a signal of how the system could be compromised.

Coming back to the security researcher named Patrick, he claims that Apple was given details about how there were a growing number of faults in how the background task manager functions. But seeing Apple behave in such a careless manner that it did really did take him by surprise. Moreover, he even highlighted seeing some more issues with the tool when it was first delineated by the company but at that time, Apple did work to fix them.

But now, seeing the Background Task Manager allow bypasses is something worrying and he’s making sure the world knows about it through the Defcon conference. Perhaps by this means, Apple might get serious and make necessary changes.


Read next: Dodgy "Beta" Apps: The Cyber Crooks' New Playbook to Snatch Your Crypto
Previous Post Next Post