Skip to main content

Mac Gatekeeper vulnerability allows installation of malware

posted onJune 25, 2019
by l33tdawg
Apple Insider
Credit: Apple Insider

The exploit, discovered by security researcher Filippo Cavallarin, relies on two basic Mac features to function: automount and Gatekeeper.

As detailed by Tom's Guide, Gatekeeper funnels files downloaded from the internet to Apple's XProtect antivirus screener, but grants files from a local storage device — mounted via automount — safe passage without scrutiny. Cavallarin was able to trick Gatekeeper into thinking a downloaded file originated from a local drive, bypassing the normal screening protocols.

Cavallarin reportedly contacted Apple about the issue in February, but published details on May 24 since the problem was left unfixed. The accompanying OSX/Linker malware attempts to hijack a Mac, at which point the computer can be used for any malicious activity attackers want, from crytpo mining to data theft.

Source

Tags

Security Apple

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th