macOS High Sierra Security Problems Could Lead To Password Hacking, Analyst Claims

By Shiena Bernardino, Christian Post Contributor

After Apple officially rolled out the macOS High Sierra early this week, reports claimed that hackers managed to find a way to break into the operating system's tight security features.

A report from Forbes claimed that former NSA analyst-turned-research head of the Synack security firm Patrick Wardle discovered that hackers can easily steal passwords from the Macs that currently runs using the latest operating system.

According to Wardle's post on Twitter, the unsigned apps on the new macOS High Sierra operating system can dump and exfil keychain programmatically. This will allow hackers to get the users' passwords without much trouble.

Get Our Latest News for FREE

Subscribe to get daily/weekly email with the top stories (plus special offers!) from The Christian Post. Be the first to know.

Wardle utilized his keychainStealer app to force the keychain to reveal the passwords for users' social media and Bank of America accounts.

"Without root privileges, if the user is logged in, I can dump and exfiltrate the keychain, including plaintext passwords," Wardle said in an interview with the publication. "Normally you are not supposed to be able do that programmatically."

He also explained in a separate interview with Gizmodo that all the apps running in the device's system will be able to penetrate into the information contained in the keychain without the help of any user interaction. This means that the new operating system from Apple contains a vulnerability that lets local code to get into the keychain and pass through its security components.

Mashable reached out to the Cupertino-based tech giant for their reaction regarding Wardle's expose, and a company spokesperson confirmed that their developers are currently investigating the analyst's claims.

"macOS is designed to be secure by default, and [Apple security feature] Gatekeeper warns users against installing unsigned apps, like the one shown in this proof of concept, and prevents them from launching the app without explicit approval," the Apple spokesperson said in a statement they sent to Mashable through email. "We encourage users to download software only from trusted sources like the Mac App Store, and to pay careful attention to security dialogs that macOS presents."

Apple is expected to release a fix to the rumored security problems of the macOS High Sierra in the coming days.

Was this article helpful?

Help keep The Christian Post free for everyone.

By making a recurring donation or a one-time donation of any amount, you're helping to keep CP's articles free and accessible for everyone.

$25/month$50/quarter$100/yearOne-time

We’re sorry to hear that.

Hope you’ll give us another try and check out some other articles. Return to homepage.