Panic! Hackers take over Macs with invisible mouse clicks

By admin on August 15, 2018
Spread the love

It is a common saying: “With a Mac you are well protected against viruses and hackers.” That that is not entirely true, is again demonstrated by a discovery by security researcher Patrick Wardle. He describes multiple scenarios in which the most recent macOS version High Sierra can easily be copied. This involves various system notifications with which macOS protects access to contacts, calendars, location data and the start of so-called kernel extensions (kext). This even makes it possible to start malicious programs, says Wardle. This is how the attack works.

Allow or deny?

Everyone knows the reports of the system. When you open a new program, you may be notified that this program wants access to your contacts, calendars or location data. You then have two options: ‘Allow’ or ‘Reject’. Wardle succeeded with a new method to allow virtual mouse clicks on the ‘Allow’ button. For this he uses, among other things, the accessibility options of High Sierra. Important: to use this hack, a malicious person must already have access to the machine through another vulnerability. After that, however, all doors are immediately open.

Fixed in macOS Mojave

Apple already knows the vulnerability, but the bug has not yet been fixed in High Sierra. Obviously, Apple has taken measures to prevent this attack opportunity, but unfortunately this has not been entirely successful, says Wardle. In macOS Mojave where incidentally specifically these system messages were worked, the leak is already closed and the hack is no longer possible. We expect an update soon for High Sierra.

Former NSA employee

Wardle is a familiar face as far as security macros are concerned. For example, about a year ago he published an article about a major vulnerability in the keychain of macOS . Early this year he had discovered two malware – programs for macOS. In the past Wardle worked for the American secret service NSA. Here he has himself discovered ways with which he can take over Macs. At the security conference Def Con in Las Vegas he showed all the details of the attack described here.

AppleDiscoveryHackHackersHackingHigh SierraKernelLocationMacMachinemacOSmacOS MojaveMalwareMojaveMouseNSAPatrick WardleSecurityViruses
Related Posts

Apple has been working on its own search engine for years. It’s called “Pegasus” and it can become a disaster for Google

Rumor: Apple is working on its own applications based on a large language model

EU Council determines position on security requirements for digital products

Citrix warns of critical vulnerability in NetScaler ADC and Gateway

Microsoft announces Bing Chat Enterprise and Copilot pricing for businesses

Meta introduces open source language model Llama 2, works on PCs and phones

Anticheat FaceIT gets Linux version, enables Steam Deck support