Skip to main content
  1. Home
  2. Computing
  3. News

Hacker discovers a MacOS exploit that is able to access system passwords

By

Security researcher Linus Henze recently uncovered a vulnerability within MacOS Mojave that allows an unauthorized application to steal passwords from both your Mac’s ‘login’ and ‘system’ Keychains. As macOS’ password management system, Keychain has been implemented since Mac OS 8.6, keeping user’s most important data safe and secure; however, as of late it doesn’t seem to be doing the job. A similar exploit was discovered and patched in 2017, but now Henze’s discovery, which he names KeySteal, is currently still within MacOS and available for hacker exploit.

KeySteal can access and view a system’s Keychains without requiring any permission from the user. Such action is typically protected by an administrator password needing to be entered before an application is granted access to a single part of the Keychain. The exploit itself needs to be launched when a user is logged in and could be extremely dangerous if unsuspectingly downloaded. The exploit completely bypasses security measures from Apple such as the company’s T2 security chip, and thus are entirely ineffective.

Recommended Videos

Henze’s KeySteal exploit has not been clearly explained from a technical level; he keeps the knowledge away from the public to prevent causing widespread security issues, but he has also held it from Apple. One point that has been routinely cited by MacOS security researchers is that Apple doesn’t offer a bounty for exploits as it does with its iOS platform. Thus, security researchers who spend their time discovering exploits are not rewarded for their work. It is common practice to pay security researchers for finding bugs and other exploits, putting Apple’s stance with MacOS in a unique position.

Related

As of this moment, Apple has not commented on the exploit, nor has it issued a patch securing the vulnerability. Thus, users concerned about the KeySteal exploit should continue to follow safe security practices when downloading content from the web — not acquiring content from unknown sources and not running any applications that are unfamiliar. The previous exploit took Apple about two weeks to patch, but the researcher, Patrick Wardle, provided the company with detailed information, thus it is called into question how long it will take Apple to discover the current issue before offering the update.

Editors' Recommendations

Topics
Michael Archambault
Michael Archambault
Former Digital Trends Contributor
Michael Archambault is a technology writer and digital marketer located in Long Island, New York. For the past decade…
Will my Mac get macOS 14?
MacOS Sonoma.

MacOS 14 is coming and coming soon, and thanks to Apple's big keynote address at WWDC 2023, we now know what it can do, what it's called, and who can get it. The next generation Mac operating system is codenamed Sonoma, and it's bringing gaming to macOS in a big way, as well as improving video calls, and security. It's going to be available for most modern Mac and MacBook users, but there are some legacy systems that are unfortunately being left out in the cold.

Wondering if your Mac can get macOS 14? Here's everything we know about what Macs are and aren't compatible with Sonoma.

Read more
Apple’s macOS Sonoma has a game-changing feature — literally
apple could fix mac game porting wwdc 2023 gaming 1

Apple’s Worldwide Developers Conference (WWDC) was chock-full of new announcements, and it’s fair to say that between the Vision Pro headset and all of Apple’s new Macs, macOS was far from the biggest new reveal. Yet, there was one new macOS feature that could be absolutely game-changing.

That’s because right now, Mac gaming is in a pretty bad way. Gamers don’t buy Macs because there aren’t enough good games, and developers don’t port their games to the Mac because there aren’t enough people to play them. It’s a chicken-and-egg situation caught in a death spiral.

Read more
This critical exploit could let hackers bypass your Mac’s defenses
A hacker typing on an Apple MacBook laptop while holding a phone. Both devices show code on their screens.

Microsoft has discovered a critical exploit in macOS that could grant hackers easy access to your Mac’s most important data. Dubbed ‘Migraine,’ it shows why it’s vital to update your Mac as soon as possible.

Migraine is so damaging because it can bypass Apple’s System Integrity Protection, or SIP for short. SIP is enabled by default on modern Macs and works by sandboxing sensitive parts of the computer from outside meddling. Only processes that are signed by Apple (or those with special privileges, like Apple installers) are allowed to alter something guarded by SIP.

Read more