Skip to main content
  1. Home
  2. Computing
  3. News

Hacker discovers a MacOS exploit that is able to access system passwords

Michael Archambault
By

Security researcher Linus Henze recently uncovered a vulnerability within MacOS Mojave that allows an unauthorized application to steal passwords from both your Mac’s ‘login’ and ‘system’ Keychains. As macOS’ password management system, Keychain has been implemented since Mac OS 8.6, keeping user’s most important data safe and secure; however, as of late it doesn’t seem to be doing the job. A similar exploit was discovered and patched in 2017, but now Henze’s discovery, which he names KeySteal, is currently still within MacOS and available for hacker exploit.

KeySteal can access and view a system’s Keychains without requiring any permission from the user. Such action is typically protected by an administrator password needing to be entered before an application is granted access to a single part of the Keychain. The exploit itself needs to be launched when a user is logged in and could be extremely dangerous if unsuspectingly downloaded. The exploit completely bypasses security measures from Apple such as the company’s T2 security chip, and thus are entirely ineffective.

Recommended Videos

Henze’s KeySteal exploit has not been clearly explained from a technical level; he keeps the knowledge away from the public to prevent causing widespread security issues, but he has also held it from Apple. One point that has been routinely cited by MacOS security researchers is that Apple doesn’t offer a bounty for exploits as it does with its iOS platform. Thus, security researchers who spend their time discovering exploits are not rewarded for their work. It is common practice to pay security researchers for finding bugs and other exploits, putting Apple’s stance with MacOS in a unique position.

Related

As of this moment, Apple has not commented on the exploit, nor has it issued a patch securing the vulnerability. Thus, users concerned about the KeySteal exploit should continue to follow safe security practices when downloading content from the web — not acquiring content from unknown sources and not running any applications that are unfamiliar. The previous exploit took Apple about two weeks to patch, but the researcher, Patrick Wardle, provided the company with detailed information, thus it is called into question how long it will take Apple to discover the current issue before offering the update.

Editors' Recommendations

Topics
Michael Archambault
Michael Archambault
Former Digital Trends Contributor
Michael Archambault is a technology writer and digital marketer located in Long Island, New York. For the past decade…
Apple just announced the dates for WWDC 2024
WWDC 2024 banner.

Apple has just announced the dates for its Worldwide Developers Conference (WWDC) 2024. WWDC will take place from June 10 through June 14, 2024. A special event will be held at Apple Park in Cupertino, California, on June 10, and we expect to see the reveal of iOS 18, iPadOS 18, watchOS 11, tvOS 18, macOS 15, and visionOS 2.

WWDC will be free for all developers online. Developers will be able to access a variety of online sessions and labs that will showcase the latest advancements in software across all of Apple’s hardware.

Read more
Apple quietly backtracks on the MacBook Air’s biggest issue
The MacBook Air on a white table.

The new MacBook Air with M3 chip not only allows you to use it with two external displays, but it has also reportedly addressed a storage problem that plagued the previous M2 model. The laptop now finally has much faster storage performance since Apple has switched back to using two 128GB NAND modules instead of a single 256GB module on the SSD drive.

This was discovered by the YouTuber Max Tech, who tore down the entry-level model of the MacBook Air M3 with 8GB of RAM and 256GB of storage. In his tests, thanks to the two NAND modules, the M3 MacBook Air is nearly double faster than the M2 MacBook Air. Blackmagic Disk Speed tests show that the older M2 model with the problematic NAND chip had a 1584.3 Mb/s write speed, and the newer M3 model had 2108.9 Mb/s for the M3 model, for a 33% difference. In read speeds, it was 1576.4 Mb/s on the old model and 2880.2 Mb/s on the newer model.

Read more
The 6 best ways Macs work with your other Apple devices
A person holds an iPhone in front of a MacBook.

One of the best things about using more than one Apple device is the way they interact with each other. Apple has built all kinds of clever features into its famous ecosystem, and it means your devices all work together in a way that you just don’t get from any other manufacturer.

AirDrop might be the ultimate expression of this, though that's fairly well-known. Here, we’ve picked out six other great ways your Mac works with other Apple products. Most require you to have Bluetooth and Wi-Fi enabled, as well as for you to be using the same Apple ID on all your devices. Check the System Settings app on your devices to make sure the specific features are enabled, although most should be by default.

Read more