macOS High Sierra Vulnerability May Allow a Malicious App to Steal Keychain Logins in Plaintext
Apple's newly released operating system, macOS High Sierra 10.13, could be affected by a major security flaw that would let any third-party app steal all the passwords users have saved in Keychain without their knowledge or any user interaction.
In fact, unsigned apps on macOS High Sierra, and even on earlier versions of macOS, can allegedly access Keychain data and display plaintext usernames and passwords without the user’s master password.
The security threat was first discovered by Patrick Wardle, a former NSA employee who has also found similar macOS security problems in the past. He shared the flaw on Twitter, along with a video.
For the flaw to work, users need to download malicious third-party code from an unknown source. Apple strongly discourages downloading apps from unknown or untrusted developers outside the Mac App Store, and does not allow applications from untrusted developers to be downloaded without explicitly overriding security settings.
As shown in the video posted on Twitter, Wardle created a proof-of-concept app called “keychainStealer” that was able to access plaintext passwords stored in Keychain for Twitter, Facebook, and Bank of America. Wardle spoke to Forbes about the vulnerability and said it’s actually not hard to get malicious code running on a Mac even with Apple’s protections in place.
“Applications running on your system are able to access all the information in the Keychain without any user interaction,” Wardle told Gizmodo. “There’s a vulnerability that allows local code to access the keychain and bypass the security components.”
“Without root privileges, if the user is logged in, I can dump and exfiltrate the keychain, including plaintext passwords,” Wardle told Forbes. “Normally you are not supposed to be able to do that programmatically.”
Wardle said that it’s better to upgrade to High Sierra right now than to wait for the fix.
Apple did not respond to a request for comment, so it is unknown whether the company is working on a fix. This is also why Apple strongly discourages downloading or installing third-party apps from outside the Mac App Store.