The Snake malware, and the variants it derives from, has been around for nearly a decade now. These certificates were created to help validate applications with Gatekeeper, but lately have been used to spread malicious software. This is the second reported malware incident in the past week using a valid certificate.
Having used a valid developer’s certificate, the malware was set to run free on macOS even with Gatekeeper enabled. A new piece of backdoor malware originally discovered on Windows has found a new home in macOS. Disguising itself as a legitimate Adobe Flash Player installer, the malware burrows into pre-existing macOS folders making it harder to spot.