Malware Mouse Clicks Let Hackers Take Over macOS

1 minute read
| News

Former NSA hacker Patrick Wardle has spent the past year researching malware mouse clicks. Meaning, macOS gives you the option to Allow or Deny a program’s access to certain features. But what if malware clicked the Allow button? (via Wired).

[Female Hacking Team from Saudi Arabia Wins Hackathon]

Malware Mouse Clicks

At the 2018 DefCon hacker conference, Mr. Wardle showed off a set of automated attackes he used on various versions of macOS, as recent as macOS High Sierra. It involved using malware to click a permission dialog to let it go deep into the system.

The malware can bypass layers of security to perform its tasks, like finding your location, stealing contacts, and even taking over the kernel to fully control the Mac.

The user interface is that single point of failure. If you have a way to synthetically interact with these alerts, you have a very powerful and generic way to bypass all these security mechanisms.

Apple has already patched macOS to prevent attacks like this. But when Mr. Wardle tried to get around the patch for further testing, he found another bug that let him do the same hack.

This is just the latest in a string of concerning security vulnerabilities found in macOS. Earlier bugs including letting a person gain privileged access to a Mac simply by typing “root” as their username. Another bug revealed user passwords when someone asks for a password hint.

[People Can Buy Apple Hacking Tools on the Dark Web]

4
Leave a Reply

Please Login to comment
1 Comment threads
3 Thread replies
1 Followers
 
Most reacted comment
Hottest comment thread
3 Comment authors
Lee DronickgeoduckAndrew Orr Recent comment authors

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  Subscribe  
newest oldest most voted
Notify of
Lee Dronick
Member
Lee Dronick

Is something that requires physical access to the Mac?