Hackers can modify Safari on macOS to steal user data

Apple was notified of this security flaw six months ago but has not yet patched it.

Last year, Apple expanded its bug-hunting program. In addition to iOS, developers can now report bugs in macOS, watchOS and more to Apple and receive generous rewards.

However, according to researcher Jeff Johnson, Apple has not been fast enough in fixing certain security holes.

Picture 1: Apple was notified of the macOS vulnerability six months ago

Six months ago, Jeff Johnson informed Apple of a vulnerability that allows hackers to modify the Safari browser on macOS to steal user data. After a user is tricked into downloading a malicious file, a clone of Safari is created by modifying the original Safari on macOS. The clone is then granted access to the system, and hackers can extract any sensitive files that the original Safari can access.

According to Johnson, the vulnerability stems from the fact that Apple's control systems on Macs do not fully check the authenticity of the file. As a result, a cloned version of Safari can run on macOS without being blocked.

"We realized that an application containing malicious code could bypass the blocking system to access the ~/Library/Safari directory, which only the original Safari and Finder have access to. Two applications contain malicious code: one is a clone of Safari used to access carefully protected sensitive files, while the other is responsible for modifying the original Safari to create the Safari clone and launch it.

Any application you download from the web can bypass macOS censorship. In the test, I was able to download users' private data to a server I controlled easily because I could run any JavaScript statement," Johnson said.

Picture 2: But so far there is no fix from Apple

More seriously, according to Johnson, Apple has not yet fixed this vulnerability. Johnson even continues to see it in the recently launched macOS 11 Big Sur beta. Apple seems to have forgotten about the problem, although Safari has received quite a few upgrades with macOS 11.

Johnson said that Apple initially promised to fix the problem in the spring of 2020. However, in a recent exchange, Johnson was told that Apple is still investigating the vulnerability. Hopefully Apple will fix it before macOS 11 Big Sur is officially released.
