Hackers use Mac OS X’s encryption system to create “invisible” malware
Published: Monday, October 14, 2013
Updated: Monday, October 14, 2013 23:10
For years, there was a common belief that Macs are much safer than PCs. But in today’s wired society, there’s always a new way to crack the iron curtain of security features.
Hackers have found a way to use Mac OS X’s own encryption system to create undetectable malware, according to thehackernews.com.
Malware is short for malicious software and is used by hackers to disrupt computer operation, gather sensitive information or gain access to private computer systems. Daniel Pistelli, a reverse engineer, explained the details behind the technique he used to create the invisible malware.
Pistelli said Apple uses an internal encryption method to protect its executable apps. That same encryption is used to create malware. In other words, the same technique used to protect Mac software can also be used to harm it. Anti-malware detection systems can’t identify the malware because the malware itself is encrypted.
Senior computer science majors Aaron Mayo and Nick Lee weren’t surprised, and both said that this form of hacking can be prevented if users know what they’re doing.
“I’m not surprised at all,” Mayo said. “When you have something secure, someone is going to try to break it. It’s a power thing [for hackers]. It doesn’t matter if it’s Mac or not. It’s kind of like being a super hero; you’ll want to exercise your powers.”
Lee advised users in general to be aware of what they’re doing online and to remember that nothing is truly safe.
“In OS X, you can set it up to allow only installs from the app store, so you can worry less about what goes onto your Mac,” Lee said. “People should be aware of what they’re doing online. Whether you use OS X, Windows, or even Linux. Everything has its faults.”
The encryption mechanism can be used on malware that is already detected by anti-malware systems. This means that malware can potentially fly completely under the radar on Mac OS X because that same anti-malware software can’t tell that it’s encrypted.
To fight against this problem, Pistelli says that anti-malware products should work with Apple’s own encryption system by trusting only Apple-signed encrypted executable files.
But Lee says that this is not likely to happen.
“Well, good luck with that,” Lee said. “Apple is really strict about allowing access to their APIs. It’s like their App Store process: very strict. They’re not going to let anyone have a share of their secret sauce.”