MacOS Exploit Targets Saved Keychain Passwords


March 5, 2019

A recently discovered MacOS exploit allows someone to steal usernames and passwords directly from the Keychain app with out requiring an Administrator account.

The exploit was discovered by Linuz Henze, a German cybersecurity researcher. Details regarding how the exploit works exactly are slim, but Henze demonstrates how easy it is to access Keychain’s stored content in the video below:

Henze uses a program called KeySteal to lift the sensitive information, and he does it quite easily. KeySteal appears to be a unique program developed by Henze and not available in the wild (which is a good thing).

The software can access Keychain without requiring an an admin password or requiring permissions. The exploit could be potentially dangerious if downloaded without the end user knowing. If installed on a machine, once the user logs in the exploit could potentially launch in the background and would have free access to all of Keychain’s stored information.

According to Henze the exploit completely bypasses all of Apple’s current security measures (such as their T2 security chip).

The exploit was first publicized in February and Henze has been acting in a sort of… mercenary fashion. At first refused to share his findings with Apple because the company doesn’t currently offer any sort of bug bounty program to security researchers who discover flaws in the OS.

Thankfully the ice has thawed and the two are working things out and hopefully the issue gets resolved in an upcoming software update. Until then the only way to protect your system is to manually add an extra password to Keychain that’s different from your default system password.

That’s all the information we’ve got regarding the issue currently but we’ll keep you updated if things change. The easies way to follow along is to subscribe to our blog using the form located at the top of the page.

Carl Keyser is a Digital Marketing Specialist at Integris.

Keep reading

Managed IT Services St. Paul: 5 Powerful Advantages for Businesses

Managed IT Services St. Paul: 5 Powerful Advantages for Businesses

As a business owner, it's important to make the most of your resources. This includes finding cost-effective solutions for managing and maintaining your company's technology. Keeping a competitive edge in your industry requires secure, modern tech that allows your...

IT Support Minneapolis: Where to Find Top IT Services in Minneapolis

IT Support Minneapolis: Where to Find Top IT Services in Minneapolis

If you’re wondering where to find top IT services in Minneapolis, it’s important to identify providers that offer a wide range of support, have great service and provide solid tech expertise. Comprehensive technology insight is especially important when it comes to IT...

Webinar: Email Security that Doesn’t Suck…

Webinar: Email Security that Doesn’t Suck…

Trustifi and Security 7 present Email Security That Doesn’t Suck.  In today’s age of over-complicated security tools, it is extremely difficult to manage the fine balance between security and productivity.   {% video_player "embed_player" overrideable=False,...