- Joined
- Aug 28, 2009
- Messages
- 47
- Reaction score
- 0
- Points
- 6
- Location
- Summerville, SC
- Your Mac's Specs
- MacBook Intel 2.4, 10.6.1, XP Partition | 1st Gen Time Capsule | 5th Gen 30GB iPod
Very interesting -
leading Mac researcher Dino Dai Zovi has unveiled a new attack at the chic Black Hat security conference in Las Vegas. The new technique allows hackers to take control of OS X machines and steal data from them that is supposed to be encrypted.
All the technique needs is access to the memory. A few lines of code will give the attacker access to the root memory, which is then written to establish a TCP connection, allowing the hacker to download malicious files and control the computer remotely. Mr. Zovi demonstrated how the attack can be used to hijack Apple’s Safari browser, stealing encrypted data from a user’s bank accounts.
He states, “There is no magic fairy dust protecting Macs. Writing exploits for [Microsoft] Vista is hard work. Writing exploits for Mac is a lot of fun.”
see linkAll the technique needs is access to the memory. A few lines of code will give the attacker access to the root memory, which is then written to establish a TCP connection, allowing the hacker to download malicious files and control the computer remotely. Mr. Zovi demonstrated how the attack can be used to hijack Apple’s Safari browser, stealing encrypted data from a user’s bank accounts.
He states, “There is no magic fairy dust protecting Macs. Writing exploits for [Microsoft] Vista is hard work. Writing exploits for Mac is a lot of fun.”