Security researchers at the Lebanese company MyKi have discovered a vulnerability that allows attackers to steal passwords and other user credentials in OS X almost invisibly, Securitylab reports. Antoine Vincent Jebara and Raja Rahbani found that a series of Terminal commands can be used to retrieve some of the credentials stored on a user's device.
The vulnerability is dangerous because the attacker does not need to interact directly with the victim. Specially crafted mouse commands can be used to press the hidden "Allow" button that grants access to the keychain in OS X.
The commands can be triggered by malicious software, or even by a video or an image. They cause the Mac to display a prompt asking the user to press "Allow". The button appears inconspicuously, somewhere at the side of the screen or by the Dock, and is pressed automatically by those same commands.
The exploit performs all the necessary actions in just 0.2 seconds, so its work is almost invisible to the user. The password retrieved from the keychain can then be sent via iMessage to any mobile phone, sent to a server, or saved on the target machine for delayed sending. The malware that triggers the commands can itself be delivered by e-mail, opened in a browser, and so on.
The researchers note that the threat covers not only passwords stored on the Mac but also those on mobile devices, if the user has the iCloud Keychain feature enabled.
Apple has already been informed of the security flaw, but the company has not yet released an update that fixes the vulnerability.