Monday, August 13, 2018

(Zero Day Hack for macOS) What is a "synthetic click"? - A programmatic, invisible mouse click that is generated by a software program rather than a human. On macOS (High Sierra), this attack can be created by hacking just 2 lines of code.




To show how dangerous this can be, Wardle explains: "Via a single click, countless security mechanisms may be completely bypassed. Run untrusted app? Click...allowed. Authorize keychain access? Click...allowed. Load 3rd-party kernel extension? Click...allowed. Authorize outgoing network connection? Click...allowed."

High Sierra incorrectly interprets two consecutive synthetic mouse "down" events as a legitimate click. This allows attackers to programmatically interact even with security warnings that ask users to choose between "allow" and "deny", and so to access sensitive data or features.

The vulnerability can potentially be exploited to dump all passwords from the keychain or to load malicious kernel extensions by virtually clicking "allow" on the security prompt, giving the attacker full control of a target machine.

One piece of good news, however, is that Apple's next version of macOS, Mojave, has already mitigated the threat by blocking all synthetic events,
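As an added illustration (not code from the original post, from Wardle, or from Apple), the sketch below models the two points above from a monitoring point of view: it flags two consecutive synthetic "down" events with no "up" between them on a security prompt, and shows the Mojave-style policy of dropping every synthetic event. The event record, the `synthetic` flag and the target labels are assumptions made for the example, and the sample stream is constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class MouseEvent:
    ts: float        # seconds since start of capture
    kind: str        # "down" or "up"
    synthetic: bool  # assumed flag: True if posted by software, not hardware
    target: str      # UI element under the pointer (hypothetical labels)

# Constructed sample stream, not captured from a real system.
SAMPLE = [
    MouseEvent(0.10, "down", False, "Finder"),
    MouseEvent(0.18, "up",   False, "Finder"),
    MouseEvent(2.00, "down", True,  "SecurityPrompt:Allow"),
    MouseEvent(2.01, "down", True,  "SecurityPrompt:Allow"),
    MouseEvent(5.40, "down", True,  "Calculator"),
    MouseEvent(5.45, "up",   True,  "Calculator"),
]

def find_double_down(events):
    """Return (first, second) pairs of consecutive synthetic "down" events
    on one target with no "up" in between: the pattern the post describes."""
    hits, prev = [], None               # prev: last "down" not yet released
    for ev in sorted(events, key=lambda e: e.ts):
        if ev.kind == "up":
            prev = None                 # an ordinary down/up click completed
        elif ev.kind == "down":
            if (prev is not None and prev.synthetic and ev.synthetic
                    and prev.target == ev.target):
                hits.append((prev, ev))
            prev = ev
    return hits

def alerts(events, sensitive_prefix="SecurityPrompt"):
    """Keep only the double-down hits that land on a security prompt."""
    return [(a, b) for a, b in find_double_down(events)
            if b.target.startswith(sensitive_prefix)]

def drop_synthetic(events):
    """Mojave-style policy as the post states it: block all synthetic events."""
    return [ev for ev in events if not ev.synthetic]

if __name__ == "__main__":
    for a, b in alerts(SAMPLE):
        print(f"ALERT: double synthetic down on {b.target} "
              f"at {a.ts:.2f}s and {b.ts:.2f}s")
    print(f"{len(drop_synthetic(SAMPLE))} events remain after dropping synthetic ones")
```
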

https://thehackernews.com/2018/08/macos-mouse-click-hack.html
