‘ChillyHell’ backdoor hid in notarized Mac apps for four years

Jamf researchers have detailed a Mac backdoor called ChillyHell that passed Apple’s notarization checks in 2021 and went unnoticed until very recently.

Jamf Threat Labs revealed the findings in September 2025 after analyzing a sample uploaded to VirusTotal in May. The malware had passed Apple’s automated checks in 2021 and remained notarized until researchers flagged it.

That means any Mac user could have run it without security warnings. Jamf stumbled on the malware during routine sample analysis, where it stood out for unusual process reconnaissance.
