In this video, you will see a new 0day exploit that allows hackers to extract mac passwords keychain on your local macOS Mojave and lower versions. This New Exploit Steals Apple Mac Passwords without root or administrator privileges and without password prompts of course. This is not the first time. You might remember KeychainStealer from @patrickwardle, released 2017 for macOS High Sierra, which can also steal all your keychain passwords. While the vulnerability he used is already patched, the one I found still works, even in macOS Mojave. Hacker will not release this tool. The reason is simple: Apple still has no bug bounty program for macOS, so criticise them.
Hacker Finds Way to Steal mac passwords keychain
we will release more videos showing vulnerabilities mac passwords keychain in the future. will be for vulnerabilities found in Apple products. Maybe this forces Apple to open a bug bounty program at some time.
Mac passwords keychain
This is interesting… now the main trick is behind the functionality of this hack. hacker is not revealing how have installed this app into the system and if that throws a gatekeeper warning or not? If that is true Apple may not take it much seriously as by telling user should only install apps from iStore like the last time on 2017 for high Sierra? Also if my keychain is pwd and login pwd are diff, will it work? But still a mystery. If this app is able to obtain a valid apple trust certificate or bypass gatekeeper then it’s a major bug.
Breaking Apple iCloud Keychain explained by Vladimir Katalov CEO from ElcomSoft
Everybody knows about mac passwords keychain and Apple iCloud backups — how to disable this feature, or if you are on the other side how to download the icloud data.
However, iCloud is not just about backups in our days is much more information stored there. There is quite a lot of data that is also being synced across all the devices and kept in the iCloud servers, including contacts, calendars, notes, media files, documents, 3rd party application data, passwords, credit card numbers, mail signatures, custom text shortcuts, call logs and much more. Even if you disable syncing completely (but still have the iCloud completely), some data
Even if you disable syncing completely but still have the iCloud account some data still goes to Apple servers and so accessible by both Apple and probably 3rd parties for example: from hackers or government. There is no such option to sync them, but it is still there.
You may think that using two-factor authentication makes your data safe, but in fact, it does not. Even more, this “protection” make it easier to access some data, such as passwords and contacts numbers. Check the video presentation at Hack In The Box Security Conference:
Breaking Apple iCloud Keychain explained