Thursday, January 21, 2021
Home>CERT-LatestNews>macOS High Sierra Keychain bug exposes your passwords to hackers: Report

macOS High Sierra Keychain bug exposes your passwords to hackers: Report

CERT-LatestNews Malware Security News ThreatsCybercrime Uncategorized VulnerabilitiesAdobe VulnerabilitiesAll VulnerabilitiesApple VulnerabilitiesApplications VulnerabilitiesOS
Home > News > macOS High Sierra Keychain bug exposes your passwords to hackers: Report

Apple is aware of the exploit and suggests installing apps only from verified sources.


A day after Apple rolled out macOS High Sierra for Mac desktops and notebooks, a security research firm has found loopholes in the new operating system. According to a report on Forbes, a hacker breached into the new macOS, and was able to steal passwords from it. This might shock those who were looking forward to upgrading to High Sierra but you could still do that while Apple works on it.
The security bug was first spotted by ex-NSA analyst Patrick Wardle, who says that anyone aware of the bug can run malicious code or rogue app on a macOS to extract passwords from the Keychain app. Similar to Secure Enclave on iPhones, Apple has a Keychain app integrated into macOS system to store passwords. Keychain can only be accessed by the Mac user and works with a master password to view store passwords.

However, a video posted by Wardle shows him carrying out the breach and he was able to send all the passwords to a different location without keying the master password. This sounds scary and older versions of macOS are said to be susceptible to such attacks as well. So even if you upgrade or downgrade the bug will remain.

Following the thread on his Twitter post, it is learned that Wardle has tried to inform Apple about the bug a number of times and sadly, Apple’s bug bounty program does not cover macOS bugs. However, Apple is reportedly aware of the exploit. The company says “macOS is designed to be secure by default, and [Apple security feature] Gatekeeper warns users against installing unsigned apps, like the one shown in this proof of concept, and prevents them from launching the app without explicit approval,” a spokesperson told MashableALSO READ: macOS High Sierra update now rolling out; how to install, features and all you need to know

As is the case, Walder ran an unsigned app dubbed as KeychainStealer on the macOS High Sierra and was able to pilfer all the passwords stored on the system. He did not reveal all the codes he used to do so, but he underlined that the bug will only work on a malware infected computer. The report also quotes Walder saying, “Typical ways to accomplish this include emails (with malicious attachments), fake web popups (“your Flash player needs updating”), or sometimes legitimate application websites are hacked (e.g. Transmission, Handbrake, etc). ALSO READ: Apple iOS 11, macOS High Sierra, watchOS 4, tvOS 11 release dates revealed

So, you can take a sigh of relief if you are running the macOS Sierra or High Sierra and your system has not been infected with any malicious attack recently. Ensure that you have installed necessary security updates to save yourself from such attacks. “We encourage users to download software only from trusted sources like the Mac App Store, and to pay careful attention to security dialogs that macOS presents,” the spokesperson added.