Another macOS exploit

Yoused

up
Posts
5,600
Reaction score
8,897
Location
knee deep in the road apples of the 4 horsemen

This thing is troublingly sophisticated, using vulnerabilities that show macOS has some poor security hygiene going on. Never mind it uses zero-click entry, getting in directly through web page coding and silently gaining root access.

I hope we are not going to see a bunch more of this nonsense.
 

User.45

Guest

This thing is troublingly sophisticated, using vulnerabilities that show macOS has some poor security hygiene going on. Never mind it uses zero-click entry, getting in directly through web page coding and silently gaining root access.

I hope we are not going to see a bunch more of this nonsense.


Indeed, researchers from Google’s threat analysis group who first uncovered the exploits said that, based on their analysis of the malware, they “believe this threat actor to be a well-resourced group, likely state-backed, with access to their own software engineering team based on the quality of the payload code.”

As the Google researchers first noted, the malware was spread in watering-hole attacks that used both fake and hacked sites appealing to pro-democracy activists in Hong Kong.
Well...
 

Joe

Elite Member
Posts
1,557
Reaction score
2,771
Location
Texas
Apple is just using this as an excuse to close MacOS like iOS. It's for the children!
 

Cmaier

Site Master
Staff Member
Site Donor
Posts
5,297
Reaction score
8,457
Back in the '80s & '90s they had this awesome tool called HyperCard — Xcode and Cocoa made slapping together a thing that does some stuff almost that easy.

I remember HyperCard well. Hell, Myst started out as a HyperCard app.
 

jbailey

Power User
Posts
167
Reaction score
183

This thing is troublingly sophisticated, using vulnerabilities that show macOS has some poor security hygiene going on. Never mind it uses zero-click entry, getting in directly through web page coding and silently gaining root access.

I hope we are not going to see a bunch more of this nonsense.
From the article:
Apple has since patched the vulnerabilities exploited in this attack.
 

Huntn

Whatwerewe talk'n about?
Site Donor
Posts
5,283
Reaction score
5,223
Location
The Misty Mountains

This thing is troublingly sophisticated, using vulnerabilities that show macOS has some poor security hygiene going on. Never mind it uses zero-click entry, getting in directly through web page coding and silently gaining root access.

I hope we are not going to see a bunch more of this nonsense.
Hopefully Apple is all over this.
 

Yoused

Hopefully Apple is all over this.
As jbailey notes, they did patch the vulnerability. Still, modern CPUs have a raft of tools they can use to make sure shit like this does not have an attack vector. For example, the exploit wrote some stuff and then jumped right into it: a secure OS should make all its memory NX (non-executable) except for the very small spots where machine code actually runs. It would not fix everything, but it would shut one way in.
 

Nycturne

Elite Member
Posts
1,136
Reaction score
1,483
As jbailey notes, they did patch the vulnerability. Still, modern CPUs have a raft of tools they can use to make sure shit like this does not have an attack vector. For example, the exploit wrote some stuff and then jumped right into it: a secure OS should make all its memory NX (non-executable) except for the very small spots where machine code actually runs. It would not fix everything, but it would shut one way in.

JavaScript engines tend to be a source of problems related to NX flagging of pages. While macOS has supported it by default for the heap and stack for 64-bit executables, you do have to disable it in places for the JIT to work, and while I haven’t read up on this specific exploit, I suspect part of the exploit abuses the gaps a JIT engine like JavaScriptCore provides.

I remember HyperCard well. Hell, Myst started out as a HyperCard app.

As a bit of a fan of Rand and Robyn Miller’s works, there’s their work that led up to Myst that was all HyperCard. The Manhole, Cosmic Osmo and Spelunx.
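Added example, not part of any post in this thread: a minimal C sketch of the write-xor-execute discipline behind the NX and JIT points above, in which a buffer is filled while writable and non-executable and only then sealed to read+execute. It assumes Linux, because it reads /proc/self/maps to show the page permissions; the names `perms_of` and `wx_demo` are hypothetical, and the buffer holds constructed filler bytes that are never executed.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1   /* for MAP_ANONYMOUS under strict -std modes */
#endif
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Linux-only helper: copy the permission field ("rw-p", "r-xp", ...) of the
   mapping that contains addr out of /proc/self/maps. Returns 0 on success. */
static int perms_of(const void *addr, char out[5]) {
    FILE *f = fopen("/proc/self/maps", "r");
    if (!f) return -1;
    char line[512], p[5];
    unsigned long lo, hi;
    int rc = -1;
    while (rc != 0 && fgets(line, sizeof line, f)) {
        if (sscanf(line, "%lx-%lx %4s", &lo, &hi, p) == 3 &&
            (uintptr_t)addr >= lo && (uintptr_t)addr < hi) {
            memcpy(out, p, sizeof p);
            rc = 0;
        }
    }
    fclose(f);
    return rc;
}

/* Hypothetical JIT-style buffer life cycle: fill while writable and
   non-executable, then seal to read+execute. The page is never W and X at
   once, so a stray write after sealing faults instead of planting code. */
int wx_demo(char before[5], char after[5]) {
    size_t len = (size_t)sysconf(_SC_PAGESIZE);
    unsigned char *buf = mmap(NULL, len, PROT_READ | PROT_WRITE,
                              MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (buf == MAP_FAILED) return -1;
    memset(buf, 0, len);                     /* constructed filler, not real code */
    int rc = perms_of(buf, before);          /* expect "rw-p": NX data page */
    if (rc == 0) rc = mprotect(buf, len, PROT_READ | PROT_EXEC);  /* seal */
    if (rc == 0) rc = perms_of(buf, after);  /* expect "r-xp": no longer writable */
    munmap(buf, len);
    return rc;
}

int main(void) {
    char b[5] = "", a[5] = "";
    if (wx_demo(b, a) != 0) { perror("wx_demo"); return 1; }
    printf("while filling: %s, after sealing: %s\n", b, a);
    return 0;
}
```

A mapping that shows `rwxp` in the same listing is the kind of gap the JIT discussion above refers to.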
 