Apple 0-Day allows hackers to mimic mouse-clicks to allow malicious behavior on macOS Mojave, despite mitigations.
A researcher has revealed a zero-day flaw in Apple’s Mojave operating system tied to the way the OS verifies apps. The bug allows attackers to sneak past macOS security measures and run whitelisted apps that have been manipulated to run malicious code.
macOS researcher Patrick Wardle revealed the flaw Monday, describing the exploitation of the bug as a second-stage attack method allowing an adversary to cloak further exploitation of a targeted system using a technique called synthetic mouse clicks. He said the bug shines a bright light on the fact Mojave’s application verification mechanism is “100 percent broken.”
Wardle, who is chief research officer at Digita Security and founder of Mac security company Objective-See, revealed the vulnerability at a security conference, Objective By The Sea, on Monday.
“Synthetic mouse clicks give an attacker an incredibly powerful capability,” he said. “In Mojave, Apple released a myriad of new privacy and security features that will block suspicious activity and display a pop-up requiring the user to allow an action. The goal of my research was to bypass all those new security and privacy mechanisms.”