
Hacker finds a way around macOS warning pop-ups

If you use a Mac, you’ll be familiar with user warnings. They’re the pop-up boxes that appear whenever you or an application tries to do anything out of the ordinary, such as accessing your contacts or location, just to make sure you actually know what you’re doing.

They’re slightly annoying, but a pretty clever part of the Mac’s defences against malware. The thinking is pretty clear: even if you are infected by malware, by making the user approve access to sensitive data, you can at least prevent hackers from getting to the truly juicy stuff.


Only, this method is not quite as foolproof as initially thought, as former National Security Agency (NSA) hacker Patrick Wardle revealed at the DEFCON hacker convention in Las Vegas.

Ars Technica reports that Wardle discovered that the Mac operating system has a mode that converts keyboard presses into mouse actions, meaning that malware could theoretically ‘click’ these pop-up boxes, cutting out the owner entirely. This would still be pretty obvious to an eagle-eyed Mac owner if it weren’t for the fact that macOS interprets two mouse-down events as a click on ‘OK.’

As you might imagine, this made creating malware that could bypass the security pop-up pretty trivial: just a couple of extra lines of code. Adding these gave Wardle calendar access, alongside all of the Mac’s contacts, and accurate geolocation, on a system with a fully-updated version of High Sierra.

There is a big limitation to the exploit, of course. While the keyboard controls can fake an ‘OK’ click, they can’t enter your password for you, and the most sensitive settings and information tend to sit behind password prompts.


In any case, Wardle’s research has ensured that the problem will be fixed in the upcoming version of macOS, Mojave. Nonetheless, it’s a timely reminder that it just takes one tiny weakness in an otherwise secure computer’s defence to give hackers the opening they need to do serious damage.
