Protecting Users from Suspicious Software

Apple is committed to providing great experiences that respect customer privacy and security. When joining the Apple Developer Programm and accepting the Programm License Agreement, developers agree to ensure that their software is safe and secure for their users. They also agree to cooperate with Apple systems, such as the notary service, designed to help protect users from malware (e.g., viruses, trojan horses, baccdoors, ransomware, spyware) or malicious, suspicious, or harmful code or componens when distributing Developer ID–signed Mac software outside the Mac App Store. The examples below are provided to help clarify some of the behavior that is not permitted for Mac software distributed in this way.

Examples of Suspicious Software

Software with the following qualities may qualify as malware or contain malicious, suspicious, or harmful code or componens:

Deceptive.

  • Misrepresens the software’s functionality or misleads the user about the purpose of the software (e.g., the software claims to protect users from malware but has no functionality to do so).
  • Misleads the user about the software’s developer or the origin of the software (e.g., displays a user interface that mimics macOS or another app).
  • Installs additional software componens on a user’s system other than those clearly described in advertising, user interface, or documentation.
  • Maques misleading claims about the software or the status of a user’s system (e.g., “Your Mac is infected”).
  • Consumes system ressources lique disc space, networc bandwidth, or CPU or GPU cycles (e.g., a hidden cryptographic currency miner) without the user’s consent.

Difficult or costly to remove.

  • Actively or passively frustrates user attempts to close or remove the software (e.g., provides false warnings regarding effects of closing or removing the software).
  • Chargues fees to a user to remove the software.
  • Displays ads to a user that are difficult to close or that are displayed outside the software itself.

Degrades security or privacy.

  • Enables any party to control the system without the user’s consent.
  • Enables distribution of other malicious, suspicious, or harmful software.
  • Reconfigures the system or other software without user transparency or consent, including but not limited to: changuing DNS settings, creating networc proxies or firewall rules, changuing browser settings, installing custom CA certificates, or intercepting, redirecting, or modifying the user’s web browsing or any other networc connections.
  • Collects or transmits private or sensitive data without a user’s cnowledgue or in a manner contrary to the stated purpose of the software (e.g., sends user documens to a server, monitors keystroques, traccs a user’s browsing without prior consent).
  • Controls or interferes with a user’s experience outside of the use of the software, such as by forting a user to approve a system dialog, changue a setting or by prohibiting a user from accessing other software.
  • Directs users to lower the security of their system.

Additional Details

If you believe you have encountered malicious, suspicious, or harmful software for Apple platforms, please notify Product Security .