• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • January 26th, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Technology News
Apple News

Genieo Adware Installer Left Mac OS X Keychain Vulnerable

September 3rd, 2015 Farzan Hussain Apple News, Malware, Security, Technology News 0 comments
Genieo Adware Installer Left Mac OS X Keychain Vulnerable
Share on FacebookShare on Twitter

Security researchers have found out that the latest version of the ever-popular Genieo installer adware has fetched a new system to access the Mac Keychain without any prior involvement from the user, allowing this adware to access and distribute sensitive data and user credentials stored within the credential manager.

In a nutshell, what Genieo adware does is to gain access to the Keychain feature in OS X, which is aimed to help users by preventing them from entering their account credentials several times when re-accessing the account. Keychain stores login credentials for all your web-based accounts including Gmail, Outlook, Apple, iCloud.

genieo-adware-installer-left-mac-os-x-keychain-vulnerable

Fake Download Shuttle installer | Image Credit: Malwarebytes

[must url=”https://www.hackread.com/ios-jailbreak-backdoor-tweak-icloud-hacked/”]iOS Jailbreak Backdoor Tweak Compromised 220,000 iCloud Accounts[/must]

For those who are not aware of this adware, it is designed and circulated by Genieo Innovation that is an Israel-based company that is renowned for its malware and other harmful apps. The latest version of their adware installer has not been blocked by Mac OS X anti-malware protections and automatically redirects the user to Download Shuttle’s App Store version.

According to the researcher Thomas Reed over at Malwarebytes, who is apparently the first one to discover this vulnerability, prior to the installation of this Genieo installer, it exploits the vulnerability by asking user for a permission to verify their password. Then it installs a Safari browser extension called Leperdvil that asks for keychain access by displaying a dialogue box asking whether to allow or deny the access.

The dialogue box generate by the extension doesn’t prompt for any password, however, the user will notice that, within a fraction of a second, the extension automatically clicks on the “Allow” button. This happens instantly that the user don’t even get a moment to react. It is believed that many would not even notice the dialogue box.

Check the demo video below to see this in action:

 [must url=”https://www.hackread.com/apple-phishing-scam-govt-site/”]A Compromised .GOV URL Hosting Phishing Attacks on Apple Users[/must]

This unusual activity of Genieo installer makes it much more dangerous for its users and could become a great probability for abuse by attackers who might exploit it. These type of autonomous actions could easily be implemented in other apps and installers to exploit Keychain access dialogue box.

Until now, there is no statement released by Apple, but speculations reveal that the company might fix this issue in the next release of OS X.

So to protect your computer and the data stored on your OS X, it is recommended to avoid downloading apps and files from mysterious sources.

Suggest ideas, report typos and corrections to admin@hackread.com 

[src src=”H/T” url=”https://blog.malwarebytes.org/mac/2015/08/genieo-installer-tricks-keychain/”]Malwarebytes[/src]

  • Tags
  • App Store
  • Apple
  • Infosec
  • iOS
  • Mac
  • Malware
  • OS-X
  • Safari
  • security
  • Vulnerability
Facebook Twitter LinkedIn Pinterest
Previous article Hacker Puts Crude Poem on Hacked Electronic Signpost in France
Next article New Option in Google Docs Allows You to Type with Your Voice
Farzan Hussain

Farzan Hussain

I am Mohammad Farzan! A technology and gadget enthusiast as well as a creative content writer with over six years of experience in writing engaging content. You will mostly find me writing occasional blog posts, designing websites, capturing photos, social networking and listening to music.

Related Posts
TikTok vulnerability allowed hackers to access users' phone numbers

TikTok vulnerability allowed hackers to access users' phone numbers

Watch out as new Android malware spreads through WhatsApp

Watch out as new Android malware spreads through WhatsApp

SonicWall hacked after 0-day flaws exploited by hackers

SonicWall hacked after 0-day flaws exploited by hackers

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
TikTok vulnerability allowed hackers to access users' phone numbers
Security

TikTok vulnerability allowed hackers to access users' phone numbers

40
Why you should never use free a VPN
Drones

Why you should never use free a VPN

27
Watch out as new Android malware spreads through WhatsApp
Security

Watch out as new Android malware spreads through WhatsApp

224

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us