Skip to main content
  1. Home
  2. Computing
  3. Apple
  4. News

Hacker discovers a MacOS exploit that is able to access system passwords

Add as a preferred source on Google

Security researcher Linus Henze recently uncovered a vulnerability within MacOS Mojave that allows an unauthorized application to steal passwords from both your Mac’s ‘login’ and ‘system’ Keychains. As macOS’ password management system, Keychain has been implemented since Mac OS 8.6, keeping user’s most important data safe and secure; however, as of late it doesn’t seem to be doing the job. A similar exploit was discovered and patched in 2017, but now Henze’s discovery, which he names KeySteal, is currently still within MacOS and available for hacker exploit.

KeySteal can access and view a system’s Keychains without requiring any permission from the user. Such action is typically protected by an administrator password needing to be entered before an application is granted access to a single part of the Keychain. The exploit itself needs to be launched when a user is logged in and could be extremely dangerous if unsuspectingly downloaded. The exploit completely bypasses security measures from Apple such as the company’s T2 security chip, and thus are entirely ineffective.

Recommended Videos

Henze’s KeySteal exploit has not been clearly explained from a technical level; he keeps the knowledge away from the public to prevent causing widespread security issues, but he has also held it from Apple. One point that has been routinely cited by MacOS security researchers is that Apple doesn’t offer a bounty for exploits as it does with its iOS platform. Thus, security researchers who spend their time discovering exploits are not rewarded for their work. It is common practice to pay security researchers for finding bugs and other exploits, putting Apple’s stance with MacOS in a unique position.

As of this moment, Apple has not commented on the exploit, nor has it issued a patch securing the vulnerability. Thus, users concerned about the KeySteal exploit should continue to follow safe security practices when downloading content from the web — not acquiring content from unknown sources and not running any applications that are unfamiliar. The previous exploit took Apple about two weeks to patch, but the researcher, Patrick Wardle, provided the company with detailed information, thus it is called into question how long it will take Apple to discover the current issue before offering the update.

Michael Archambault
Former Digital Trends Contributor
Michael Archambault is a technology writer and digital marketer located in Long Island, New York. For the past decade…
ChatGPT is coming for one of Google’s smartest Chrome features
OpenAI brings ChatGPT to Chrome to challenge Google's Gemini Side Panel
OpenAI

OpenAI is expanding ChatGPT beyond its website with the launch of a new Chrome extension that can understand the contents of the webpage you're viewing. The extension allows users to ask questions about a page, summarize articles, explain complex concepts, and even kick off longer AI-powered tasks without leaving their browser.

The move positions ChatGPT as a direct competitor to Google's Gemini in Chrome, which introduced similar context-aware browsing features earlier this year. While both tools aim to bring AI directly into web browsing, they take slightly different approaches to productivity and automation.

Read more
This open-source Mac app finds the junk files your deleted apps leave behind
Uninstally removes apps properly, leftovers and all
Uninstally macOS app UI

Uninstalling apps on macOS is usually very easy. You drag an app to the Trash, empty it, and move on. The annoying part is that many apps still leave residue behind, including support files, caches, preferences, containers, and logs. I have always found that frustrating, especially when old app data keeps sitting around long after the app itself is gone.

AppCleaner by FreeMacSoft has been the popular go-to option for this for years, and it still does the job well. But I recently came across a new open-source alternative called Uninstally by Codenta, which solves the same basic problem. It removes Mac apps along with the support files, caches, preferences, containers, logs, and other leftovers they usually leave behind.

Read more
AMD just made Ryzen laptop chips even more confusing, but here’s what’s actually new
The refreshed lineup brings more Zen 4 processors to mainstream and budget laptops.
AMD Ryzen 100 and 200 series

AMD has quietly expanded its mobile processor portfolio with 11 new Ryzen laptop processors, adding fresh models under both the Ryzen 200 and Ryzen 100 families. While that sounds straightforward enough, the bigger story isn't the chips themselves -- it's AMD's increasingly confusing naming strategy. The company has introduced seven new Ryzen 200 processors alongside four new Ryzen 100 models, but despite belonging to different series, many of them are actually built on the same Hawk Point silicon featuring Zen 4 CPU cores and RDNA 3 integrated graphics.

The Ryzen 200 series gets seven new CPUs

Read more