Hackers may easily bypass Apple’s security features

Apple has increased the security of its products with the addition of new security features such as Gatekeeper and XProtect to OS X in order to protect users from malicious content. These features were included in response to a rising threat of malware.

But according to Patrick Wardle, director of research at Synack , these protections are easy to bypass and the attackers may gain access to Mac.

According to ThreatPost, Wardle said in a talk at the RSA Conference on Thursday:
“It’s trivial for any attacker to bypass the security tools on Macs. If Macs were totally secure, I wouldn’t be here talking.”

Apple claimed that Gate keeper is one of the key technologies that are used to prevent malware from running on OS X machines. It gives users the ability to restrict which apps can run on their computers by selecting to only allow apps from the Mac Apple Store.

But Warlde said, “Gatekeeper doesn’t verify an extra content in the apps. So if I can find an Apple-approved app and get it to load external content, when the user runs it, it will bypass Gatekeeper. It only verifies the app bundle.”

When the app is opened, either Gatekeeper knows where it’s from and allows it, or it doesn’t and it shuts the app down. But it doesn’t continually check the app, which Wardle said can be a problem. “It’s trivial to bypass XProtect,” he said.

Warlde found that by recompiling a known piece of OS X malware to change its hash, he could sneak the malware past XProtect and run it on the target computer. OS X also includes a sandboxing feature that can be bypassed with a number of known kernel-level vulnerabilities.

Warld confirmed that on the whole, the security tools in OS X don’t present much of a challenge for attackers right now.

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

Top 5 Techniques Hackers Use to hack Social Media Accounts

These days, Social Media have become a significant need in our everyday life. It encourages us to associate and connect with anyone over the...

5 Top Programming Languages for Hacking

We live in the 21st century, which is very fast-changing. This is a century of competition for information and computing resources. Every year the...

OSINT Tutorial to Track An Aircraft And Flight Information In Real-Time

No doubt Internet is said to be the world's largest repository of data and information. It contains an enormous amount of data related to...

Preventing SQL Injection in PHP Applications

SQL injection is one of the most common cybersecurity threats and as the name suggests, it is a form of injection attack. Injection attacks, on...