A High Sierra bug in the MacOS update could make it easy to steal passwords

A security researcher has discovered a MacOS High Sierra bug that makes it easy for hackers to steal passwords and other hidden login credentials from a user’s system. The bug appears to give hackers the ability to access Keychain data in plaintext without knowing the master password.

The purpose of the Keychain is to hold login credentials and other secret information and keep them hidden from prying eyes. As with third-party password managers, you’re only supposed to be able to access that information with a master password. With the bug in High Sierra, though, it appears that unsigned apps are able to circumvent that safeguard entirely.

Discovered by ex-NSA analyst and security researcher Patrick Wardle (thanks MacRumors), the bug makes it possible to dump the contents of Keychain’s password storage, exposing everything from banking passwords to your Facebook login in plaintext.

Perhaps even more concerning is that this bug may have existed for some time. Although it has been proven to work following the High Sierra update, it’s possible that it could also work with older versions of MacOS.

The one silver lining to this news is that, as with many attacks from nefarious individuals, a High Sierra user would need to download a malicious application from somewhere other than the App Store for the exploit to work. That’s something that Apple and most security professionals would heavily discourage, though it does sometimes happen.

To prove that the exploit exists, Wardle crafted a malicious app called “KeychainStealer,” which was able to reveal his phony Bank of America, Twitter, and Facebook login details with little effort. Although he hasn’t revealed the exact method of attack, it stands to reason that if he can figure it out, others will be able to as well, especially now that they know it’s possible.

For that reason, some may not like that Wardle has been transparent with his concerns, though this story stands a much greater chance of forcing Apple to fix the bug than if he’d kept it to himself.

Still, it’s possible that this announcement isn’t entirely altruistic. Wardle does operate a Patreon to help support the creation of security software under his Objective-See brand, so this announcement should drive some interest in it.

Jon Martindale
Jon Martindale is the Evergreen Coordinator for Computing, overseeing a team of writers addressing all the latest how to…