Mac Feature Can Be Hijacked to Spy on Users

Security researcher Felix Krause has discovered a macOS vulnerability that allows cybercriminals to take screenshots of the screen activity and then turn to apps featuring OCR to read the text.

In an analysis on his blog, Krause explains that the CGWindowListCreateImage function can be abused by any Mac app, no matter if it’s sandboxed or not, to take screenshots of the screen without users knowing about it, even when the app itself is running in the background.

The researcher says a potential attacker could get access to all connected monitors, and could eventually be able to read passwords and keys from apps like password managers.

Needless to say, all the other data is exposed as well, including here email messages and personal information, like bank details and contact data. The information in the screenshots cybercriminals take can be automatically extracted with OCR s… (read more)

Source link

Remember to like our Facebook and follow us on Twitter @iOSMode for a chance to win a free iPad Pro every month!

Quick Links: Download iPhone & iPad Wallpapers | iPad Tutorials | iPhone Tutorials | Download iOS Games | Download iOS Apps

You may also like...

Please leave a reply