Critical security alert on Google account, suspicious app detected
Reported by Toby | February 15th, 2022 @ 05:51 PM
I was shocked today when I noticed I had been signed out of my google account due to suspicious app activity. Unfortunately, google does not reveal more information. Google stated I had malware on my Mac, which is highly unlikely. Also, my computer is only a few weeks old. Then I noticed that only MailMate had been removed from my 3rd party apps. After adding it again (now with a recovered Google account), it dropped out of the list again. Now, I assume that MailMate suddenly is the "suspicious app detected". Could that be true?
Comments and changes to this ticket
-
benny February 15th, 2022 @ 09:31 PM
Make sure you use OAuth2 with Gmail if you do not already do this. Password access could probably trigger something like what you describe. At least in the past it would some times require the user to log in using webmail.
If you already use OAuth2 then we should try to figure out what's going on.
-
Toby February 15th, 2022 @ 09:46 PM
I did indeed use OAuth (redirected to browser, token created, back to MM). The strange thing is that only MailMate vanished from Google's allowed 3rd party apps, twice. I was able to add it back again, though. It works now, but I suspect the warning was issued by MailMate. Little Snitch tells me that the code signature is invalid/modified, but I am not sure whether that's always been that way?
Note that I am not certain that MailMate is the cause, it just seems to be the only connection that could have triggered it as far as I know.
-
Toby February 15th, 2022 @ 09:47 PM
Though, I noticed that Google has once again removed MM from the list of allowed 3rd party apps.
-
benny February 16th, 2022 @ 06:50 AM
Do you have OAuth2 enabled for both IMAP and SMTP?
I don't see how the code signature could be related to OAuth2, but this should also not happen. Maybe you should re-download MailMate, but first make sure you haven't made any changes within the application bundle which you need (you should never do this, but it's possible).
You can try the latest test release of MailMate like this: Hold down the option key when clicking “Check Now” in the Software Update preferences pane.
Please Sign in or create a free account to add a new ticket.
With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.
Create your profile
Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป
Mac OS X email client.