If you use a Mac, you’ll be familiar with user warnings. They’re the pop-up boxes that appear whenever you or an application tries to do anything out of the ordinary, such as accessing your contacts or location, just to make sure you actually know what you’re doing.
They’re slightly annoying, but a pretty clever part of the Mac’s defences against malware. The thinking is pretty clear: even if you are infected by malware, requiring the user to approve access to sensitive data at least keeps hackers away from the truly juicy stuff.
Only, this method is not quite as foolproof as initially thought, as former National Security Agency (NSA) hacker Patrick Wardle revealed at the DEFCON hacker convention in Las Vegas.
Ars Technica reports that Wardle discovered that the Mac operating system has a mode that converts keyboard presses into mouse actions, meaning that malware could theoretically ‘click’ these pop-up boxes, cutting out the owner entirely. This would still be pretty obvious to an eagle-eyed Mac owner if it weren’t for the fact that macOS interprets two mouse-down events as clicking ‘OK.’
As you might imagine, this made creating malware that could bypass the security pop-up pretty trivial: just a couple of extra lines of code. Adding these gave Wardle calendar access, alongside all of the Mac’s contacts, and accurate geolocation, on a system with a fully-updated version of High Sierra.
There is a big limitation to the exploit, of course. While the keyboard controls can fake an ‘OK’ click, they can’t pop in your password for you, and the most sensitive settings and information tend to hide behind password prompts.
In any case, Wardle’s research has ensured that the problem will be fixed in the upcoming version of macOS, Mojave. Nonetheless, it’s a timely reminder that it just takes one tiny weakness in an otherwise secure computer’s defence to give hackers the opening they need to do serious damage.