Security Study Shows Serious iOS, OS X Flaws Allow Password Theft


A team of six researchers has discovered three serious vulnerabilities in Apple’s iOS and OS X operating systems. The flaws have been used to successfully steal data, including passwords and secret authentication keys.



Discovered by a team of six researchers at Indiana University, Georgia Tech, and China’s Peking University, the exploits rely on fundamental flaws in the implementation of Keychain’s access control lists, OS X’s app containers, and URL schemes that allow apps to call out to each other. Apple was notified of these vulnerabilities last October, the researchers told The Register, and then requested a six-month extension before the paper was made public, which was granted.

The Keychain vulnerability stems from Keychain’s inability to determine whether the app creating or modifying an entry is the one that legitimately owns it. A malicious app can delete or create entries before the legitimate app has a chance to, so the legitimate app later stores its secret in an entry the malicious app controls and can read. The flaw has been used to retrieve a secret iCloud token, as well as passwords stored in Keychain by Google’s Chrome browser. Google will reportedly remove Chrome’s Keychain access until a fix is issued.
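The pre-emption pattern described above, as an added illustration that is not code from the article or from the researchers’ paper: a constructed Python model of a creator-owned keychain store, with the common "update if present, else create" password-saving routine beside a hardened version that refuses to write into an entry it does not exclusively own. The store class, the app names, the service/account pair and the password value are all assumptions made for the example; the model is not Apple’s Security framework API.

```python
"""Constructed model of a creator-owned keychain (assumption: not Apple's API).

Each item records the app that created it and an ACL of apps allowed to
read or update it; the creator is always on its own ACL.
"""


class KeychainModel:
    def __init__(self):
        # (service, account) -> {"owner": app, "acl": set of apps, "secret": str}
        self._items = {}

    def add_item(self, app, service, account, secret, acl=None):
        key = (service, account)
        if key in self._items:
            raise KeyError("item already exists: %r" % (key,))
        self._items[key] = {
            "owner": app,
            "acl": set(acl or ()) | {app},
            "secret": secret,
        }

    def find_item(self, service, account):
        return self._items.get((service, account))

    def update_item(self, app, service, account, secret):
        item = self._items[(service, account)]
        if app not in item["acl"]:
            raise PermissionError("%s not on ACL" % app)
        item["secret"] = secret

    def read_item(self, app, service, account):
        item = self._items[(service, account)]
        if app not in item["acl"]:
            raise PermissionError("%s not on ACL" % app)
        return item["secret"]


def naive_store_password(kc, app, service, account, secret):
    """Common pattern: reuse any existing item, otherwise create one.

    It trusts whatever item already sits under this service/account.
    """
    if kc.find_item(service, account) is None:
        kc.add_item(app, service, account, secret)
    else:
        kc.update_item(app, service, account, secret)


def hardened_store_password(kc, app, service, account, secret):
    """Mitigation: only write into an item this app created and that
    no other app is allowed to read; refuse otherwise."""
    item = kc.find_item(service, account)
    if item is not None and (item["owner"] != app or item["acl"] != {app}):
        raise RuntimeError(
            "keychain item %r/%r is not owned exclusively by %s"
            % (service, account, app)
        )
    if item is None:
        kc.add_item(app, service, account, secret)
    else:
        kc.update_item(app, service, account, secret)


def scenario(store):
    """Run a constructed scenario: a second app creates the victim's entry
    first and puts the victim on the ACL, then the victim saves a password.

    Returns what the second app can read afterwards, or "refused" if the
    victim's save routine declined to write.
    """
    kc = KeychainModel()
    kc.add_item("other.app", "example-service", "alice", "", acl={"victim.app"})
    try:
        store(kc, "victim.app", "example-service", "alice", "hunter2")
    except RuntimeError:
        return "refused"
    return kc.read_item("other.app", "example-service", "alice")


if __name__ == "__main__":
    print("naive:   ", scenario(naive_store_password))      # hunter2
    print("hardened:", scenario(hardened_store_password))   # refused
```

The hardened routine implements the check the researchers recommended to app developers: before writing a secret, confirm that any existing item was created by this app and that its ACL lists nobody else. In a real Security framework call that is the ACL inspection done on the found item before an update; the model only captures the decision logic.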

Another vulnerability exists in OS X’s app containers, which are designed to keep Mac App Store apps from accessing data belonging to other apps without explicit permission to do so. However, the Mac App Store doesn’t verify the uniqueness of Bundle IDs belonging to helper apps. By creating a malicious helper app with the same Bundle ID as an existing app, the bad guys can gain access to that app’s container.

A flaw in the iOS and OS X URL Schemes allowed researchers to hijack the URL schemes of legitimate apps and grab any data passed between them.

While the flaws remain unpatched in the latest versions of OS X Yosemite, including betas, the researchers have not yet tested the beta of OS X El Capitan, which was released to developers last week. The researchers also say they were able to get apps containing the malware into both the Mac and iOS App Stores, and that the malware was not detected during the approval process.

