Mac flaw could let hackers get scrambled data
Thursday 30 July 2009
A Mac security expert has uncovered a technique that hackers could use to take control of Apple Inc computers and steal data that is scrambled to protect it from identity thieves.
Prominent Mac researcher Dino Dai Zovi disclosed the software flaw at the Black Hat security conference in Las Vegas, one of the world's top forums for exchanging information on Internet threats.
About 4,000 security professionals are in attendance, including some who are really hackers. While experts ferret out software flaws to fix them and protect users, hackers use the same information to devise pranks or commit crimes.
It is not illegal to publish software that can be used to hack into computer systems, though it is against the law to use it to break into them.
Attacks on Apple computers are extremely rare, but security experts say that will change as Macs gain market share on PCs running Microsoft Corp's Windows operating system. Security experts have identified at least three viruses infecting Macs over the past year.
The most sophisticated of them is spread via pirated versions of Apple's iWorks software. It allows cybercriminals to take complete control of an infected Mac.
Another virus, OSXPuper a, is spread via infected websites that direct users to download what they say is a video player, but turns out to be malicious software. That software can subsequently download other types of viruses.
Dai Zovi, a security researcher and co-author of "The Mac Hacker's Handbook," said on Wednesday that once hackers start to put substantial resources into targeting Apple's computers, they will be at least as vulnerable as Windows machines.
"There is no magic fairy dust protecting Macs," he said in an interview.
The technique that Dai Zovi unveiled on Wednesday -- dubbed "Machiavelli" -- only works on machines that have already been victimized. It can take control of Apple's Safari browser, stealing encrypted data from a user's bank accounts.
An Apple spokeswoman could not be reached for comment.
Apple is the fourth-largest U.S. PC maker and continues to take market share. It held 9 percent of the U.S. market in the second quarter, according to Gartner.
"They are advancing. Our concern is that they are just not advancing as fast as they are gaining market share," said Charlie Miller, co-author of "The Mac Hacker's Handbook."
They said the Mac's operating system will be an easier nut to crack once hackers start to focus on it. That is because it has a lot more code in it than Windows, leaving room for more vulnerabilities and bugs that hackers can exploit.
While there is a limited supply of malicious software targeting Macs today, experts worry that the pendulum could quickly shift, leaving millions of Apple users unprotected.
"When the malware authors put out something that's really sophisticated we are going to have a whole population that is really vulnerable," said Joel Yonts, an expert in Mac security attending Black Hat.
New UK station Russia Today gives a very bizarre view of Britain
By performing as African Americans or Indians, white people get to play act a kind of 'imaginary liberation', writes Michael Mark Cohen
New essay by JK Rowling went live on Pottermore site this morning
Top Gear presenter is no stranger to foot-in-mouth controversy
Life & Style blogs
How to carve a pumpkin for Halloween with this step-by-step tutorial
Health: When masturbation can be fatal: The practice of auto-erotic asphyxia is often concealed by a coroner's verdict. Monique Roffey looks at a lethal taboo
Woman successfully sues Google for showing her with 'part of her breast exposed' on Street View
Happy Halloween! Google celebrates All Hallows' Eve with Doodle
The post-porn wave: why some young people are shunning videos of misogynistic sex
Pope Francis declares evolution and Big Bang theory are real and God is not 'a magician with a magic wand'
Huge surge in Ukip support after EU funding row, according to new poll
Ukip ‘exploiting grooming scandal’ to secure party’s first police chief
Nigel Farage: 'There’s nothing wrong with white people blacking up'
Maureen Lipman says 'she can't vote Labour while Ed Miliband is leader'
Muslims, immigration and teenage pregnancy: British people are ignorant about almost everything
- 1 Canadian actor punched in face after 'Islamophobia' experiment goes wrong in wake of Ottawa shooting
- 2 Topshop at centre of row over body image as 'shocking' skinny mannequin photo goes viral
- 3 Top Gear presenter Jeremy Clarkson criticised for beer tweet
- 4 The bubble bursts for Sodastream
- 5 If you think Russell Brand’s new book is confused, you should read what his critics have to say about it
iJobs Gadgets & Tech
£18000 - £23000 per annum + Uncapped Commission: SThree: SThree Group has been...
£18000 - £27000 per annum + Commission: SThree: The SThree group is a world le...
£35000 - £40000 Per Annum plus excellent benefits: Clearwater People Solutions...
£20000 - £25000 per annum + OTE £35K: SThree: We consistently strive to be the...