Mac OS Vulnerability Posed Risk Of Hacking To Apple Users For Over A Decade

Written by  Jun 14, 2018
When we say “apple”, we perhaps think of tech gadgets (iPhones and Macs) before the actual fruit. Isn’t that right? Apple has striven to establish its OS as the most secure and private of all time.
Ironically, we never knew that this ‘safest’ system had in fact left its users exposed to hacking for 11 years. The newly identified Mac OS vulnerability shows how third-party apps could have been tricked into accepting code as Apple software through a bypass of the Apple code-signing process.


Mac OS Vulnerability Allowed Malware To Bypass Apple Signature

On Tuesday, Josh Pitts, a security researcher and staff engineer at Okta, reported in detail on a Mac OS vulnerability. Specifically, he addressed issues in how third-party tools perform Apple code-signing checks. He pointed out how third-party developers’ interpretation of the code-signing API allowed Apple’s signature check to be bypassed, so that unsigned malicious code was misinterpreted as being signed by Apple.

Because of this misinterpretation, hackers had a wide opportunity to plant malicious code that third-party tools would treat as Apple verified. In this way, malware could easily reach Apple customers’ devices. The code-signing bypass mainly affected Mac OS and some older versions of OS X.


Patrick Wardle, CRO of Digita Security and developer of the Objective-See tools, does not consider this problem a ‘vulnerability’. According to him, bypassing signatures is always easy for hackers.

“If a hacker wants to bypass your tool and targets it directly, they will win,” says Wardle. “To be clear, this is not a vulnerability or bug in Apple’s code. Basically, just unclear/confusing documentation that led to people using their API incorrectly.”

Tricking Code-Signing Was ‘Easy’ And ‘Trivial’

Apple requires third-party developers to use its code-signing API. However, the process by which Mac OS security tools checked for a digital signature was trivial to bypass. Anyone who knew how easily the Apple signature check could be evaded could then pass off malware as a signed app. As Mac OS had used the same process since 2007, the risk of malware and hacking had been there for the past 11 years.

Josh Pitts has explained in detail how anyone could leverage the flaw to spread malware. He demonstrated the flaw himself with a file, ‘ncat.frankenstein’, that appeared digitally signed even though it wasn’t Apple verified. According to him, the vulnerability works only under certain conditions. A hacker who knew about them could bypass codesign.

“On macOS/iOS, code signing focuses on the Mach-O binary and application bundles to ensure only trusted code is executed in memory,” says Josh Pitts. “This vulnerability exists in the difference between how the Mach-O loader loads signed code vs how improperly used Code Signing APIs check signed code and is exploited via a malformed Universal/Fat Binary.”
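
The quote above places the flaw in how a Universal/Fat binary is checked versus how it is loaded. As an added illustration (not code from the article, Pitts or Okta), this Python parser lists every architecture slice a fat file carries and flags malformed entries, so a checking tool can account for each slice. The sample file is constructed, and `fat_slices` and `sample_fat` are hypothetical names.

```python
import struct

FAT_MAGIC = 0xCAFEBABE  # 32-bit fat header; all header fields are big-endian
# Thin Mach-O magics (32/64-bit) as they read big-endian in either byte order
MACHO_MAGICS = {0xFEEDFACE, 0xCEFAEDFE, 0xFEEDFACF, 0xCFFAEDFE}

def fat_slices(data):
    """List every architecture slice of a fat file, with problems found in each."""
    if len(data) < 8:
        raise ValueError("too short for a fat header")
    magic, count = struct.unpack_from(">II", data, 0)
    if magic != FAT_MAGIC:
        raise ValueError("not a 32-bit fat binary")
    table_end = 8 + 20 * count  # each fat_arch entry is five 32-bit fields
    if table_end > len(data):
        raise ValueError("fat_arch table runs past end of file")
    slices = []
    for i in range(count):
        cputype, _sub, offset, size, _align = struct.unpack_from(">5I", data, 8 + 20 * i)
        problems = []
        if offset < table_end or offset + size > len(data):
            problems.append("slice out of bounds")
        elif size < 4 or struct.unpack_from(">I", data, offset)[0] not in MACHO_MAGICS:
            problems.append("no Mach-O header at offset")
        if any(offset < s["offset"] + s["size"] and s["offset"] < offset + size for s in slices):
            problems.append("overlaps another slice")
        slices.append({"index": i, "cputype": cputype, "offset": offset,
                       "size": size, "problems": problems})
    return slices

def sample_fat():
    """Constructed two-slice fat file (x86_64 and i386 entries, stub Mach-O bodies)."""
    thin64 = struct.pack("<I", 0xFEEDFACF) + b"\0" * 28
    thin32 = struct.pack("<I", 0xFEEDFACE) + b"\0" * 28
    header = struct.pack(">II", FAT_MAGIC, 2)
    header += struct.pack(">5I", 0x01000007, 3, 48, 32, 0)  # CPU_TYPE_X86_64
    header += struct.pack(">5I", 0x00000007, 3, 80, 32, 0)  # CPU_TYPE_I386
    return header + thin64 + thin32

if __name__ == "__main__":
    for s in fat_slices(sample_fat()):
        print(s)
```

Each returned entry gives the offset and size of one slice, which is the byte range a signature check would need to cover for that architecture.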


Josh Pitts first discovered the problem in early 2018, when he reported the details to Apple. At that time, however, Apple didn’t consider it a security issue. But as he continued communicating with Apple over the matter, things changed. He has shared a detailed timeline showing that his efforts started on February 22, 2018, and that it took until June 12, 2018 to disclose the matter to the public.

Let us know your thoughts in the comments below.
