Prime Day
Prime Day

Password exposing macOS bug found by German teenage hacker who refuses to disclose details to Apple

By Digit NewsDesk | Published on 11 Feb 2019
HIGHLIGHTS
  • The hack is a simple app that does not need administrative level access.

Password exposing macOS bug found by German teenage hacker who refuses to disclose details to Apple

Highlights:

  • A teenager has discovered a vulnarability in Mac OS.
  • The vulnarability gives hackers access to users' passwords.

First a 14-year old finds a vulnerability letting users eavesdrop using FaceTime Group chat. Now, 18-year-old German, Linus Henze, has discovered a vulnerability that leaves users' saved passwords exposed to hackers This could include passwords saved in the iCloud Keychain or even passwords to banking websites, social networking websites, email websites and streaming services like Netflix, Amazon and more. This is a macOS only bug but through the Keychain password saver, all your iOS devices' passwords can be accessed as well. Henze isn’t disclosing the bug and his findings to Apple. He tells Forbes that “the lack of payment for such research was behind his decision to keep the hack’s details secret from the Cupertino giant.”

Highlighting the vulnerability, Henze said that he could make an app that could read the data in the keychain without any requirement of permission from the victim. There are no special privileges or admin access required to run the app. Running a simple app is all that is necessary to access the information.

Henze suggests that a hacker could hide the malware into a legitimate app to get it onto a user's computer. He tells Forbes, “Or a user could be directed to a webpage that would launch rogue code. And because the attack could grab tokens for accessing the iCloud, it would be possible to take over an Apple ID and download they keychain from the company’s servers”

If you are thinking that Apple does offer a bug bounty, then know that the bug bounty initiative is invite-only and for iOS. Henze said “It's like they don’t really care about macOS. Finding vulnerabilities like this one takes time, and I just think that paying researchers is the right thing to do because we’re helping Apple to make their product more secure.”

Henze’s findings come just a few weeks after the Group FaceTime eavesdropping bug was discovered. The FaceTime bug was found by a 14-year-old who wanted to chat with his friends while playing Fortnite. He called one of his friends, and when the said friend didn't answer his phone, 14-year-old Grant Thompson swiped up to FaceTime another friend initiating a Group FaceTime call. During this call he could hear the audio from the first friend he had dialed. Apple is also facing a lawsuit with regards to the Group FaceTime Bug. You can read more about the lawsuit here and the FaceTIme bug here.  

Also read:

Microsoft Surface Pro 6, Surface Laptop 2 quietly launched in India

Hackers are using Google translate to steal your data

Google receives flak for not patching PNG vulnerability, researchers say millions of Android users still at risk

Apple MacBook Air 2018 Key Specs, Price and Launch Date

Price:
Release Date: 26 Nov 2018
Variant: None
Market Status: Launched

Key Specs

  • OS OS
    MacOS 10.14 Mojave
  • Display Display
    13.3" (2560 x 1600)
  • Processor Processor
    8th-generation Intel Core i5 | NA
  • Memory Memory
    1.5 TB SSD/16 GBGB NA
Digit NewsDesk
Digit NewsDesk

Email Email Digit NewsDesk

Follow Us Facebook Logo Facebook Logo Facebook Logo

About Me: Digit News Desk writes news stories across a range of topics. Getting you news updates on the latest in the world of tech. Read More

Tags:
apple keychain hack mac keychain hack apple hack mac OS hack
Advertisements

Trending Articles

Advertisements

LATEST ARTICLES View All

Advertisements
hot deals amazon
MI Notebook 14 (IC) Intel Core i5-10210U 10th Gen 14-inch (35.56 cms) Thin and Light Laptop(8GB/256GB SSD/Windows 10/Intel UHD Graphics/Silver/1.5Kg), XMA1901-FL
MI Notebook 14 (IC) Intel Core i5-10210U 10th Gen 14-inch (35.56 cms) Thin and Light Laptop(8GB/256GB SSD/Windows 10/Intel UHD Graphics/Silver/1.5Kg), XMA1901-FL
₹ 44999 | $hotDeals->merchant_name
Mi Notebook 14 Intel Core i5-10210U 10th Gen Thin and Light Laptop(8GB/256GB SSD/Windows 10/Intel UHD Graphics/Silver/1.5Kg), XMA1901-FC+Webcam
Mi Notebook 14 Intel Core i5-10210U 10th Gen Thin and Light Laptop(8GB/256GB SSD/Windows 10/Intel UHD Graphics/Silver/1.5Kg), XMA1901-FC+Webcam
₹ 48527 | $hotDeals->merchant_name
HP 15 db1069AU 15.6" (39.62cms) ) Laptop (3rd Gen Ryzen 3 3200U/4GB/1TB HDD/Windows 10/MS Office/Radeon Vega 3 Graphics), Jet Black
HP 15 db1069AU 15.6" (39.62cms) ) Laptop (3rd Gen Ryzen 3 3200U/4GB/1TB HDD/Windows 10/MS Office/Radeon Vega 3 Graphics), Jet Black
₹ 30990 | $hotDeals->merchant_name
DMCA.com Protection Status