Apple Developer ID Signed App Bundles Malware — Andyroid

Originator: milogaccnts
Number: rdar://35212266
Date Originated: 10/26/27
Status:
Resolved:
Product: Other
Product Version: 46.16_48
Classification: Bug
Reproducible: Always
Summary:
The Andyroid Mac application bundles malware, as is shown in this VirusTotal report: https://www.virustotal.com/#/file/f67940a8f5138decafc9d487b29f129e9676f4e380e717361b2fe16f71231248/detection

The Andyroid Mac application should have its signature revoked because of this.

Steps to Reproduce:
1. Download the Andyroid DMG file from http://andyroid.net.
2. Verify that the file is signed with a valid Apple Developer ID, either by attempting to open it by double-clicking it (so long as "App Store and identified developers" is selected in the General tab of the Security & Privacy preference pane) or, with the DMG mounted, by running "codesign -dvvv /Volumes/Installer/Installer.app" in the Terminal. You can also get this information from VirusTotal.
3. Run the downloaded file through VirusTotal (https://virustotal.net).
4. You should see that a number of antimalware engines, including BitDefender and Kaspersky, detect the DMG file as malicious.
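A valid Developer ID signature only attests to who signed the bundle, not to what it contains, which is why the report asks for revocation rather than a change to Gatekeeper. The following script is an added example (not from the radar) that summarises what step 2 checks: it parses the "Authority=" chain printed by codesign -dvvv, classifies the signing identity, and, on macOS, runs the strict verification and spctl assessment Gatekeeper relies on; the sample codesign output, developer name and team ID are constructed placeholders.

```shell
#!/bin/sh
# Added example: summarise a bundle's signing chain and Gatekeeper verdict.
# Field names are those printed by `codesign -dvvv`; nothing here is taken
# from the Andyroid bundle itself.

# Print the leaf "Authority=" value (the signing certificate's subject).
# Reads codesign -dvvv output on stdin; prints nothing for unsigned code.
signing_leaf() {
    awk -F= '/^Authority=/ { print $2; exit }'
}

# Classify the leaf authority so a reviewer can tell Developer ID from
# Mac App Store, ad-hoc/unsigned, or some other certificate at a glance.
classify_leaf() {
    case "$1" in
        "Developer ID Application:"*) echo "developer-id" ;;
        "Apple Mac OS Application Signing") echo "mac-app-store" ;;
        "") echo "unsigned-or-adhoc" ;;
        *) echo "other" ;;
    esac
}

# Constructed sample of codesign -dvvv output (placeholder identity).
SAMPLE_CODESIGN='Executable=/Volumes/Installer/Installer.app/Contents/MacOS/Installer
Identifier=com.example.installer
Format=app bundle with Mach-O thin (x86_64)
Authority=Developer ID Application: Example Developer (TEAMID0000)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
TeamIdentifier=TEAMID0000'

# Full check against a real bundle path; needs the macOS codesign/spctl tools.
inspect_bundle() {
    app="$1"
    # codesign -d writes its report to stderr, hence the redirect.
    leaf=$(codesign -dvvv "$app" 2>&1 | signing_leaf)
    echo "leaf authority: ${leaf:-<none>} ($(classify_leaf "$leaf"))"
    # --deep --strict: verify nested code too and reject odd resource layouts.
    if codesign --verify --deep --strict "$app" 2>/dev/null; then
        echo "signature: valid"
    else
        echo "signature: INVALID or missing"
    fi
    # Gatekeeper's own verdict; when online this includes certificate
    # revocation, which is the outcome the report above asks Apple for.
    spctl --assess --type execute --verbose=4 "$app" 2>&1
}
```

Run it as "inspect_bundle /Volumes/Installer/Installer.app" with the DMG mounted; a "rejected" line from spctl after revocation is the expected result the report describes.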

Expected Results:
File is downloaded, and upon attempting to open the Installer app within, the system displays one of the messages listed at https://support.apple.com/en-us/HT202491 under "Gatekeeper messages" for the case "Gatekeeper options set to 'Mac App Store and identified developers'".

Actual Results:
File is downloaded and the app within opens without any fuss from the system, meaning the Developer ID signature is accepted as valid even though the app in question is bundled with malware.

Version/Build:
Version tested was 46.16_48. My system is running High Sierra 10.13.
