Hackers may easily bypass Apple’s security features

Apple has increased the security of its products with the addition of new security features such as Gatekeeper and XProtect to OS X in order to protect users from malicious content. These features were included in response to a rising threat of malware.

But according to Patrick Wardle, director of research at Synack , these protections are easy to bypass and the attackers may gain access to Mac.

According to ThreatPost, Wardle said in a talk at the RSA Conference on Thursday:
“It’s trivial for any attacker to bypass the security tools on Macs. If Macs were totally secure, I wouldn’t be here talking.”

Apple claimed that Gate keeper is one of the key technologies that are used to prevent malware from running on OS X machines. It gives users the ability to restrict which apps can run on their computers by selecting to only allow apps from the Mac Apple Store.

But Warlde said, “Gatekeeper doesn’t verify an extra content in the apps. So if I can find an Apple-approved app and get it to load external content, when the user runs it, it will bypass Gatekeeper. It only verifies the app bundle.”

When the app is opened, either Gatekeeper knows where it’s from and allows it, or it doesn’t and it shuts the app down. But it doesn’t continually check the app, which Wardle said can be a problem. “It’s trivial to bypass XProtect,” he said.

Warlde found that by recompiling a known piece of OS X malware to change its hash, he could sneak the malware past XProtect and run it on the target computer. OS X also includes a sandboxing feature that can be bypassed with a number of known kernel-level vulnerabilities.

Warld confirmed that on the whole, the security tools in OS X don’t present much of a challenge for attackers right now.

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

How to Install Kali Linux on VirtualBox [Windows Host] in 2020

Kali Linux is a Debian based Linux distribution, released on the 13th March 2013 as a complete rebuild of BackTrack Linux. It is one of...

Acunetix v13 Release Introduces Groundbreaking Innovations

The newest release of the Acunetix Web Vulnerability Scanner further improves performance and premieres best-of-breed technologies London, United Kingdom – February 5, 2019 – Acunetix,...

What is Ethical Hacking, how to be an Ethical Hacker

Hacking is the process of discovering vulnerabilities in a system and using these found vulnerabilities by gaining unauthorized access into the system to perform...

Basic steps to ensure security Online!

Security concerns are growing day by day due to the growing interconnectivity and technology. Drastic things can happen if you be a little careless...