A zero-day vulnerability in macOS Mojave can be exploited by malware to steal plaintext passwords from the Keychain.
The security expert Linus Henze has disclosed the existence of a zero-day vulnerability in macOS Mojave that can be exploited by malware to steal plaintext passwords from the Keychain. According to Henze, the flaw affects macOS Mojave and earlier versions.
The researcher did not report the vulnerability to Apple, it publicly disclosed the existence of the flaw without making public its details.
Henze has published a video PoC for the flaw that shows how to use malware to extract passwords from the local Keychain password management system. The attack works on a system running the latest macOS Mojave OS version (10.14.3)
The attack is sneaky because it doesn’t require admin privileges for both the malicious app and the user account. The expert pointed out that the malicious code could exploit the flaw to steal passwords only from that user’s Keychain because other Keychains are locked.
Why Henze did not report the flaw to Apple?
Simple, the expert explained that did not share his discovery with the tech giant because the company doesn’t operate a bug bounty program for macOS. Apple contacted the experts after the publication of the video asking for more details about the issue, but Henze refused to provide them without a bounty.
Currently, Apple’s bug bounty program only covers hardware, iOS and iCloud.
The popular MacOS expert and former NSA white hat hacker Patrick Wardle also confirmed the that the exploit wotks.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.