Ethical hackers prove having a Mac doesn't make you immune to cyberattacks
A pair of security researchers have successfully hacked a Mac belonging to billionaire film producer Jeffrey Katzenberg -- proving that owning a macOS device isn't an automatic defense against cyber threats.
-xl.jpg)
MacBook Pro
Rachel Tobac, a social engineer and CEO of SocialProof Security, successfully carried out the attack on the unspecified macOS device. According to Tobac, the attack was a demonstration for identify theft protection firm Aura -- a company that Katzenberg invests in.
Tobac leveraged a since-patched vulnerability and social engineering skills to get Katzenberg to click on a phishing link on a spoofed website. Once Katzenberg did so, she was able to steal photos, emails, and contacts from the Mac.
Additionally, the hacker was able to turn on the Mac's microphone and eavesdrop on Katzenberg without triggering the build-in macOS microphone indicator.
Tobac's husband Evan -- also a hacker and security researcher -- published another Twitter thread with details on the macOS vulnerability.
The exploit was built based on research from Ryan Pickren, who became notable when he was paid $100,500 for discovering a Safari Universal Cross-Site Scripting bug.
More specifically, the exploit leveraged the underlying bug to carry out an attack using iCloud links and Safari's sharing preferences. Importantly, the attack only worked because Katzenberg's Mac was out of date by several updates.
According to both Tobacs, some mitigations for the specific attack include keeping machines patched with the latest security updates, using at least two methods of verification for communications, and avoiding clicking on suspicious email links -- particularly if they are sent in an urgent manner.
Read on AppleInsider
MacBook Pro
Rachel Tobac, a social engineer and CEO of SocialProof Security, successfully carried out the attack on the unspecified macOS device. According to Tobac, the attack was a demonstration for identify theft protection firm Aura -- a company that Katzenberg invests in.
We just hacked a billionaire!
Got consent 1st then got to work hacking Jeffrey Katzenberg. @Evantobac & I stole his pics, emails, and contacts then turned on his mic (without an indicator light) & listened to his phone calls.
Here's the video on how we hacked a billionaire: pic.twitter.com/t63JJQccIr-- Rachel Tobac (@RachelTobac)
Tobac leveraged a since-patched vulnerability and social engineering skills to get Katzenberg to click on a phishing link on a spoofed website. Once Katzenberg did so, she was able to steal photos, emails, and contacts from the Mac.
Additionally, the hacker was able to turn on the Mac's microphone and eavesdrop on Katzenberg without triggering the build-in macOS microphone indicator.
Tobac's husband Evan -- also a hacker and security researcher -- published another Twitter thread with details on the macOS vulnerability.
The exploit was built based on research from Ryan Pickren, who became notable when he was paid $100,500 for discovering a Safari Universal Cross-Site Scripting bug.
More specifically, the exploit leveraged the underlying bug to carry out an attack using iCloud links and Safari's sharing preferences. Importantly, the attack only worked because Katzenberg's Mac was out of date by several updates.
This attack worked because Jeffrey's OS/browser were out of date by close to 4 months.
4 months was enough for detailed descriptions of the vulnerabilities to become public, for me to read about them and incorporate them into an attack.
This is a good segue into mitigations.-- Evan Tobac (@evantobac)
According to both Tobacs, some mitigations for the specific attack include keeping machines patched with the latest security updates, using at least two methods of verification for communications, and avoiding clicking on suspicious email links -- particularly if they are sent in an urgent manner.
Read on AppleInsider
Comments
He physically breaks in at night, then hacks into the computers, creating fake accounts with $$$
The next morning, in a suit, he goes in as a customer and closes the accounts.
Teller asks politely why he's closing the accounts.
"I didn't feel my $$$ was safe here", with a nice smile.
Takes the briefcase upstairs in the bank to the board of directors conference room and opens it, with all the $$$.
"You guys aren't that secure."
I've used computers as long as the Web existed and never got "hacked" personally but my accounts that got hacked was the companies who apparently failed to secure my accounts (Adobe and T-Mobile are examples) as reported by monitoring companies.
I always ignore phishing attempts. I know that IRS doesn't threaten me. I know that government will not seize my properties if I don't pay. It's not how it works. Yet we have so many people that actually believe that non-sense.
Again, no system is invulnerable but when the exploit can be prevented by simply loading security updates within a reasonable time, is it really newsworthy?