Mac Feature Can Be Hijacked to Spy on Users

Security researcher Felix Krause has discovered a macOS vulnerability that allows cybercriminals to take screenshots of the screen activity and then turn to apps featuring OCR to read the text.

In an analysis on his blog, Krause explains that the CGWindowListCreateImage function can be abused by any Mac app, no matter if it’s sandboxed or not, to take screenshots of the screen without users knowing about it, even when the app itself is running in the background.

The researcher says a potential attacker could get access to all connected monitors, and could eventually be able to read passwords and keys from apps like password managers.

Needless to say, all the other data is exposed as well, including here email messages and personal information, like bank details and contact data. The information in the screenshots cybercriminals take can be automatically extracted with OCR s… (read more)

Source Link

Remember to like our Facebook and our twitter @macheatdotcom for a chance to win a free iPad every month!

Quick Links: How To Install Steam On Mac | Download Mac Apps | Read Mac Tutorials | OS X Server News | Mac Games |  Download Rolex Watch Wallpapers | Download Mac Wallpapers

Juniya Sankara

Juniya Sankara

A web developer, programmer, Mac OS X fanatic. I also love comic books, sports and I enjoy researching history facts. My role on MacHeat.com is to make sure everything works 24/7.