Researchers have discovered a 15-year-old vulnerability affecting Apple devices such as the MacBook that can allow hackers to access sensitive information through a flaw in third-party Mac security programs from Facebook, Google and VirusTotal.
What is the vulnerability?
The bug is in the way several security products for Mac implement Apple’s code-signing API, which allows hackers to impersonate Apple to sign malicious code and evade third-party security tools. In simpler words, hackers can design custom malware executables and bind them with legitimate Apple applications so that they appear to be signed by Apple even when they are not.
What is code-signing?
Code-signing is a process that checks whether files are signed with a digital certificate, i.e. that the code is authentic and comes from the organisation that signed it.
So, if a file is signed by macOS, the computer will trust the application. The vulnerability that was found allowed hackers to merge malicious files with legitimate Apple-signed code and thus make the malware look like it was signed by Apple.
To exploit the vulnerability, attackers require the Fat binary format, which contains several Mach-O files written for different CPU architectures (i386, x86_64, or PPC).
It should be noted, however, that the vulnerability is not in macOS itself but in how third-party security tools implemented Apple’s code-signing APIs when dealing with Mac executable files called Universal/Fat files.
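The Universal/Fat layout described above, shown as an added example that is not from the original article or the researchers: a Python parser that lists every architecture slice in a Fat file so that a verification tool can examine each one. It assumes the 32-bit Fat header (magic 0xCAFEBABE, big-endian 20-byte entries); the function names and the sample bytes are constructed for illustration.

```python
import struct

FAT_MAGIC = 0xCAFEBABE  # big-endian magic of a 32-bit Universal/Fat header
CPU_NAMES = {7: "i386", 0x01000007: "x86_64", 18: "ppc"}
# First four bytes of a Mach-O slice, 32/64-bit, either byte order.
MACHO_MAGICS = {b"\xfe\xed\xfa\xce", b"\xce\xfa\xed\xfe",
                b"\xfe\xed\xfa\xcf", b"\xcf\xfa\xed\xfe"}


def list_slices(data: bytes):
    """Return one dict per architecture slice in a Fat file, with sanity flags."""
    if len(data) < 8:
        raise ValueError("too short for a Fat header")
    magic, count = struct.unpack_from(">II", data, 0)
    if magic != FAT_MAGIC:
        raise ValueError("not a 32-bit Fat file")
    if 8 + 20 * count > len(data):
        raise ValueError("architecture table runs past end of file")
    slices = []
    for i in range(count):
        # fat_arch entry: cputype, cpusubtype, offset, size, align
        cputype, _sub, offset, size, _align = struct.unpack_from(
            ">iiIII", data, 8 + 20 * i)
        in_bounds = offset + size <= len(data)
        slices.append({
            "arch": CPU_NAMES.get(cputype, f"cputype {cputype:#x}"),
            "offset": offset,
            "size": size,
            "in_bounds": in_bounds,
            "is_macho": in_bounds and data[offset:offset + 4] in MACHO_MAGICS,
        })
    return slices


def build_sample():
    """Constructed two-slice Fat file (header plus stub slices, not real programs)."""
    i386 = b"\xce\xfa\xed\xfe" + b"\x00" * 28
    x64 = b"\xcf\xfa\xed\xfe" + b"\x00" * 28
    header = struct.pack(">II", FAT_MAGIC, 2)
    header += struct.pack(">iiIII", 7, 3, 64, len(i386), 0)
    header += struct.pack(">iiIII", 0x01000007, 3, 96, len(x64), 0)
    return header.ljust(64, b"\x00") + i386 + x64


if __name__ == "__main__":
    for s in list_slices(build_sample()):
        print(s)
```

A tool that checks signatures would run its verification once per entry returned here and treat the file as trusted only if every slice passes.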
Comments from Ankush Johar, Director at Infosec Ventures – an organisation that provides complete infrastructure security solutions for commercial and government clients of all sizes
Although researchers have recently discovered this vulnerability, it is not known for how long this vulnerability has been out in the open. For malicious hackers and surveillance agencies, these techniques are gold for spreading malware, and they might have already been exploiting this vulnerability to distribute malware by binding it with legitimate Apple applications.
Users are advised to completely avoid downloading applications from third-party sources even if they seem to be signed by a trusted authority, and to make sure they install software and OS updates the moment they are released.
2014 The Global Indian New Network (TGINN)