Exploiting a bug in Mojave, [ex-NSA security researcher Patrick] Wardle has shown yet again that any piece of automated malware can exploit a feature of MacOS known as “synthetic clicks” to breeze through security prompts, allowing the attacker to gain access to the computer’s camera, microphone, location data, contacts, messages, and even in some cases to alter its kernel, adding malicious code to the deepest part of the operating system.
“The ability to generate synthetic clicks is more interesting than ever from an attacker’s point of view,” Wardle told WIRED ahead of a talk about the vulnerability he gave yesterday at a conference he organizes, Objective by the Sea. Even as Apple’s marketing puts more weight on click-to-allow security prompts, he points out, the company still isn’t stopping hackers from circumventing them with simple bugs. “The way they implemented this new security mechanism, it’s 100 percent broken. It’s sad that they got onstage to make these claims but did nothing to back them up.”
Wardle concedes that his exploit by itself doesn’t allow a remote attacker to hack a Mac across the internet. The attacker would need to already have remote access to a victim machine or have installed a malicious application. But if a hacker can gain that initial foothold, say, with a malicious attachment in a phishing email or another common technique, it could allow malware to expand its access much deeper into a target system.
MacDailyNews Take: Obviously, Apple’s safeguards against synthetic clicks require more bolstering. Thanks to researchers like Wardle for identifying these vulnerabilities and informing Apple the best-in-class OSes we use are getting even more secure every day.
Unfortunately, Wardell doesn’t have a very high opinion of Apple’s security mindset:
Wardle told The Register that “If any security researcher or someone at Apple with a security mindset had audited this code, they would have noticed it. Once you see this bug, it is trivial. They are not auditing the code. They are implementing these new security features, but the reality is they are often implemented incorrectly.”
Hopefully this public criticism of Apple by Wardle will prompt Apple to up their game omn implementing new security features.