Former NSA hacker Patrick Wardle has spent the past year researching malware mouse clicks. Meaning, macOS gives you the option to Allow or Deny a program’s access to certain features. But what if malware clicked the Allow button? (via Wired).
Malware Mouse Clicks
At the 2018 DefCon hacker conference, Mr. Wardle showed off a set of automated attackes he used on various versions of macOS, as recent as macOS High Sierra. It involved using malware to click a permission dialog to let it go deep into the system.
The malware can bypass layers of security to perform its tasks, like finding your location, stealing contacts, and even taking over the kernel to fully control the Mac.
The user interface is that single point of failure. If you have a way to synthetically interact with these alerts, you have a very powerful and generic way to bypass all these security mechanisms.
Apple has already patched macOS to prevent attacks like this. But when Mr. Wardle tried to get around the patch for further testing, he found another bug that let him do the same hack.
This is just the latest in a string of concerning security vulnerabilities found in macOS. Earlier bugs including letting a person gain privileged access to a Mac simply by typing “root” as their username. Another bug revealed user passwords when someone asks for a password hint.