A group of six university researchers claim to have successfully bypassed Apple’s tight App Store approval processes to publish Mac and iOS malware apps. According to the report, the team presented the zero-day vulnerability to Apple back in October 2014 and were told to keep quiet about it for at least six months.
Luyi Xing, a security researcher who helped expose the zero day vulnerability, still has yet to hear back from Apple on a possible fix.
The team said that due to Apple’s dangerous vulnerability, it’s possible to raid iCloud Keychain and steal a user’s passwords. They can theoretically also sneak right past the App Store approval process to get malware into the hands of anyone who unknowingly downloads the malicious app.
https://youtu.be/7NGlmWtw83s
Even worse, the researchers were able to break sandboxes and discover the ability to steal passwords from any app on the iPhone, pre-installed or third-party.
“Recently we discovered a set of surprising security vulnerabilities in Apple’s Mac OS and iOS that allows a malicious app to gain unauthorized access to other apps’ sensitive data such as passwords and tokens for iCloud, Mail app and all web passwords stored by Google Chrome,” Xing told The Register.
He added that his team has “identified new weaknesses within the inter-app communication mechanisms on OS X and iOS which can be used to steal confidential data from Evernote, Facebook and other high-profile apps.”
The six researchers who discovered the zero-day published their findings in a 13-page document “Unauthorized Cross-App Resource Access on MAC OS X and iOS.” So far, AgileBits, creator of 1Password and Google’s Chromium security team have acknowledged that a security issue of this magnitude can not be solved within applications themselves. Apple will eventually have to step forward with a solution on the OS level.
George Tinari has covered Apple and technology for over six years. On the rare occasion that he’s not sitting in front of his laptop, you can find him eating, awkwardly socializing, listening to music or singing along loudly to said music. You can also follow George on Twitter if you need more complaints and sarcasm in your timeline.
9 responses to “iOS and OS X bug lets attackers steal passwords from iCloud Keychain”
It would be helpful if you would note what the USER can do as a precaution, if anything, at this point. Or simply state that nothing can be done other than choosing iOS apps with care.
Now this is different than on any other site I have read today. Is this an issue of the iCloud keychain or the local keychain? In other words, is the keychain on my macbook/iphone in danger? What if I don’t use iCloud keychain sync?
And now that they published it on you tube, it went from a theoretical threat to a widespread threat. Well done idiots.
The idiot here is Apple. Despite having been told about the vulnerability eight months ago it still hasn’t been fixed. The researchers gave Apple plenty of time, but in the end, when a company fails to address the vulnerability, this happens. Just because it wasn’t a widespread threat doesn’t mean that no one else knew about it. It’s not like Russia or China don’t have hackers attacking the US or anything… This could very well have been used to target US companies or politicians.
I am an example to this I just saw this article and I thought and couldn’t explain it as to why my iPhone was messed up to the point where I needed a new phone new number new SIM card. T Mobile even said my phone had “touch sensitivity issues or it was hacked. They replaced my phone on spot iPhone 6 Plus Gold. I was layed off by a major privately owned corporation in the US that somehow a secondary person email I have had tor over 7-10 years was attached as a secondary recovery email across the board. I was getting iCould Keychain approval messages each and every time I used the phone and would only let me click APPROVE iCloud Keychain to access anything on my phone. I officially don’t have any email addressss that I can access at this point. I am releaved I saw this because I literally thought as well as close friends and family that I was out of my mind for thinking I was “HACKTIVATED” as stated from a local T Mobile store.
I will keep everyone posted thank you. I can finally sleep easy knowing I KNEW IT WOW
Kaspersky: Windows Phone less vulnerable than iOS and Android
Ooooh a hater comment. That’s new.
Is this real life
BIng or Google it