Skip to main content

A High Sierra bug in the MacOS update could make it easy to steal passwords

how to download MacOS High Sierra
Image used with permission by copyright holder
A security researcher as discovered a MacOS High Sierra bug that makes it easy for hackers to steal passwords and other hidden login credentials from a user’s system. The bug appears to give hackers the ability to access Keychain data in plaintext without knowing the master password.

The purpose of the Keychain is to hold on to various login credentials and other secretive information and to keep it hidden from prying eyes. Like third-party password managers, you’re only supposed to be able to access that information with a master password. With the bug in High Sierra though, it appears that unsigned apps are able to circumvent that safeguard entirely.

Discovered by ex-NSA analyst and security researcher Patrick Wardle (thanks MacRumors), the bug makes it possible to dump the contents of Keychain’s password storage, accessing everything from banking passwords, to your Facebook login in plaintext.

Steal y0 (macOS) Keychain

Perhaps even more concerning is that this bug may have existed for some time. Although it has been proven to work following the High Sierra update, it’s possible that it could also work with older versions of MacOS.

The one silver lining to this news is that, as with many attacks from nefarious individuals, a High Sierra user would need to download a malicious application from somewhere other than the App Store for the exploit to work. That’s something that Apple and most security professionals would heavily discourage, though it does sometimes happen.

To prove that the exploit exists, Wardle crafted a malicious app called “KeychainStealer,” which was able to reveal his phony Bank of America, Twitter, and Facebook login details with little effort. Although he hasn’t revealed the exact method of attack, it stands to reason that if he can figure it out, others will be able to as well, especially now that they know it’s possible.

For that reason some may not like that Wardle has been transparent with his concerns, though this story stands a much greater chance of forcing Apple to fix the bug than if he’d kept it to himself.

Still, it’s possible that this announcement isn’t entirely altruistic. Wardle does operate a Patreon to help support the creation of security software under his Objective-See brand, so this announcement should drive some interest in it.

Jon Martindale
Jon Martindale is the Evergreen Coordinator for Computing, overseeing a team of writers addressing all the latest how to…
The latest MacOS update is bricking some people’s Macs
Apple MacBook Pro front view showing display and keyboard..

Normally, we’d encourage you to always update to the latest version of your operating system. But some Mac users got more than they bargained for when they installed the latest MacOS Monterey 12.3 update -- it bricked their devices.

According to posts on Apple’s developer forums and on social media, the 12.3 update is causing all manner of issues, from simple error messages to infinite rebooting loops and completely bricked Macs. Attempting to upgrade from MacOS Monterey 12.2.1 or earlier appears to be causing the problems.

Read more
This memory leak bug is killing performance in MacOS Monterey
Apple demonstrating Universal Control with a MacBook Pro and iPad next to each other on a desk.

Apple's newest desktop operating system, MacOS Monterey, brings a handful of useful new features, but an assortment of issues as well. Some people are reporting memory leaks after upgrading to MacOS Monterey — some of which have even included warnings that the entire system has run out of memory.

While new operating system rollouts tend to have a few bugs, this one seems particularly bothersome. Memory leaks occur when an application uses more memory, or RAM, than is necessary. This happens because the process in question doesn't release the memory that's allocated to it after it's closed and continues to use more memory, sometimes until there's none left.

Read more
Apple’s MacOS Monterey brings the next big update for Macs
apple wwdc 2021 everything announced mac os montery2 copy

On stage at the WWDC 2021, Apple announced MacOS Monterey, the newest version of the Macintosh operating system for MacBooks, iMacs, and Mac Mini devices.

Available as a free update on the Apple App Store on most Macs later this fall, the release builds on the redesign introduced in 2020 with MacOS Big Sur. Last year's update was all about new visuals and support for the new M1 architecture, and this one adds some more productivity refinements to the overall MacOS experience.

Read more