Report Finds MacOS Bug that can be exploited to Control Mac Devices

Posted on September 23, 2021 at 2:08 PM

Report Finds MacOS Bug that can be exploited to Control Mac Devices

MacOS is one of the most reliable operating systems when it comes to security. However, no operating system is 100% secure, especially if a user does not know the basic techniques to gain online safety.

One of the areas that threat actors exploit is sending infected files to a victim’s computer. When users open these files, they compromise their operating systems and leave them prone to hacking attacks.

Vulnerability on MacOS

Research by Park Minchan has revealed that vulnerability exists on the macOS, allowing attackers to gain access to a Mac device using the macOS version until the Big Sur version. To control the device, a hacker only needs to open an attachment sent via email, which later compromises their device.

The research also revealed that the file sent to the victim’s device contained an inetloc extension that can be used to find and exploit a vulnerability in the macOS Finder. Minchan published a blog post in which he stated that the inetloc file is usually sent via email to Mac devices.

He stated that these files “can be embedded inside emails which if a user clicks on them will execute the commands embedded inside them without providing a promo or warning to the user.” He further added that once the user opens the email attachment, the operating system will not issue any warning of vulnerability that is being exploited.

Inetloc files were designed to be shortcuts that can lead to a specific internet location. These files can contain a telnet location or an RSS feed. However, these files contain a server address comprised of a username and a password that can be used to access an SSH and telnet connection.

Inetloc files are usually created when one types in a URL in a text editor. The text is later dragged into the desktop.

Apple Silently Fixes Issue

Minchan also stated that Apple had attempted to fix the issue in the latest version of Big Sur. However, it seems that the patch was not successful, as hackers could still explore the vulnerability.

One of the issues that Apple failed to identify when fixing the patch was the failure to assign a CVE identification number. According to Minchan, Apple only addressed the vulnerability partially because a hacker could still gain access to the operating system by altering the protocol used to run the commands hidden in the inetloc files. He also added that the file could still bypass the checks installed by Apple to fix the vulnerability.

The advisory also added that “We have notified Apple that the file doesn’t appear to be blocked, but have not received any response from them since the report has been made. As far as we know, at the moment, the vulnerability has not been patched.”

While Minchan provided all the details on how the hack was conducted, he failed to mention how the attackers can use the vulnerability to attack users. However, he noted that hackers could exploit the bug to create an email attachment with malicious links. When the user opens these attachments, they can launch a remote payload on the target’s device.

Minchan was not the only one who exposed this vulnerability. An analysis conducted by Bleeping Computer confirmed that the vulnerability existed. The proof-of-concept provided by Minchan was tested by Bleeping Computer, which confirmed that threat actors could use the bug to execute arbitrary commands on the MacOS Big Sur version.

Bleeping Computer also stated that the vulnerability could also be exploited using specially created and downloaded files from the internet. The report further added that commands on the MacOS devices could also be lodged on the device without any warning or prompt.

One of the worrying factors about this bug is that no anti-virus software cannot detect it. Inetloc files that carry the PoC code cannot be detected by any malware security software, which means that users will continue using their devices without knowing that they have been hacked or installed a bug on their system.

Apple is yet to issue an official report on whether the vulnerability has been fully patched. However, the vulnerability has shed light on the need for exercising safety when browsing online sites.

One of the safe online techniques include not opening email attachments sent from unknown sources. Online users are also urged to exercise caution when opening email attachments that have been sent to them from an anonymous source. Using phishing emails to attack users has been one of the widely used techniques by threat actors.

Summary
Report Finds MacOS Bug that can be exploited to Control Mac Devices
Article Name
Report Finds MacOS Bug that can be exploited to Control Mac Devices
Description
MacOS is one of the most reliable operating systems when it comes to security. However, no operating system is 100% secure, especially if a user does not know the basic techniques to gain online safety.
Author
Publisher Name
Koddos
Publisher Logo

Share this:

Related Stories:

Aug 30, 2023
Stolen Data Threat: Rhysida Ransomware Gang Targets Prospect Medical Holdings
Aug 22, 2023
High-Severity WinRAR Flaw Allows Hackers To Assume Control Over PCs
Koddos

Newsletter

Get the latest stories straight
into your inbox!

Popular Articles

Aug 30, 2023
Stolen Data Threat: Rhysida Ransomware Gang Targets Prospect Medical Holdings
Aug 29, 2023
Compromised routers allowed online criminals to target Pentagon contract site
Aug 28, 2023
1.2 million customers of Mom’s Meals were affected after the recent data breach
Aug 28, 2023
How VPNs Can Defend Against the Threat of Hacking
Aug 23, 2023
Terra Developers Shut Down Website Amid A Phishing Campaign

YOUTUBE

Discover more from KoDDoS Blog

Subscribe now to keep reading and get access to the full archive.

Continue reading