New Mac Malware Accesses OS X’s Keychain WITHOUT User Interaction
Mac users beware. According to Malwarebytes, a new version of the Genieo adware has brought with it something that is extremely dangerous: it can access the OS X Keychain without user intervention. This could pave the way for other, more deadly malware to do anything from stealing information to pwning your Mac.
Here’s a video that shows this in action:
That video is short and quick. So I’ll explain what happened:
The Genieo installer asks users to authenticate with their password prior to installation.
It then mounts a special app that asks for Keychain access, prompting a different dialog that asks the user whether to allow or deny that access.
The mouse cursor clicks Allow all by itself.
It happens so fast that most users would never notice. That’s the point. What’s worse is that this isn’t exploiting an OS X flaw, which means that preventing this from being a major threat is a bit problematic. It’s unclear whether Apple is aware of this and whether they are going to do anything about it at this point. But seeing as El Capitan is on the horizon, that may be Apple’s best chance of dealing with this threat. In the meantime, users should follow the usual common-sense security practices, such as not downloading files from unknown sources and being wary of e-mails or websites that seem suspicious.
This entry was posted on September 2, 2015 at 12:55 pm and is filed under Commentary with tags Apple, Security. You can follow any responses to this entry through the RSS 2.0 feed.